Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

help

Started by TZB , Apr 02 2011 08:58 PM

  • Please log in to reply

#1
TZB
Posted 02 April 2011 - 08:58 PM

TZB

    Member

  • Member
  • PipPip
  • 66 posts
i think my computer had a virus, it is running very slow lately and whenever i visit two website with google chrome using new tab, it will turn white screen and says it is not responding. and the internet conectivity sign at my task bar put no internet with a cross but i actually have internet. my speaker also suddenly stop working. and also my facebook account was hacked not long ago when i feel my computer getting slower

heres my log


mOTL logfile created on: 4/3/2011 10:56:24 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\CPU\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 423.74 Gb Free Space | 91.00% Space Free | Partition Type: NTFS
Drive E: | 1.88 Gb Total Space | 1.88 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive G: | 14.89 Gb Total Space | 13.09 Gb Free Space | 87.91% Space Free | Partition Type: FAT32

Computer Name: CPU-PC | User Name: CPU | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/03 10:54:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\CPU\Desktop\OTL.exe
PRC - [2011/03/29 00:01:12 | 003,278,232 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2011/03/17 01:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/03/17 01:15:04 | 000,842,048 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2011/03/03 22:55:11 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/05/25 07:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/09/24 14:41:58 | 000,434,176 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
PRC - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008/09/14 14:30:00 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\Time Stopper\Time Stopper.exe


========== Modules (SafeList) ==========

MOD - [2011/04/03 10:54:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\CPU\Desktop\OTL.exe
MOD - [2011/02/11 06:11:36 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\idmmkb.dll
MOD - [2010/11/20 04:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/28 03:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/06/29 10:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/03/23 20:51:38 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/22 16:19:57 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/03/03 22:55:11 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/01/10 07:16:00 | 003,979,656 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/28 16:47:05 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/03/28 16:47:05 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/03/28 10:46:40 | 000,146,568 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2011/03/21 19:44:48 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/01/21 07:36:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/24 10:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/08/24 10:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/08/24 10:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/08/24 10:28:24 | 000,030,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2010/07/21 17:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/02/17 11:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 11:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/12/30 11:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/18 15:20:00 | 000,180,280 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/12 14:37:00 | 000,106,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2009/02/11 13:25:02 | 000,006,784 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusbf.sys -- (hidusbf)
DRV:64bit: - [2008/10/21 09:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)
DRV:64bit: - [2008/10/21 09:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex)
DRV:64bit: - [2008/10/21 09:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)
DRV:64bit: - [2008/10/21 09:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm)
DRV:64bit: - [2008/10/21 09:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2008/10/21 09:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV:64bit: - [2008/10/21 09:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)
DRV:64bit: - [2008/01/09 12:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2005/03/29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/12/30 14:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\CPU\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?...rd=1&lang=en-sg
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C9 47 52 98 D7 BF CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {ef13cf4f-2753-470c-88d2-b10effbc2092} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/01/29 10:42:12 | 000,000,000 | ---D | M]

[2011/04/03 08:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CPU\AppData\Roaming\Mozilla\Extensions
[2011/02/14 22:22:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CPU\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/28 00:29:20 | 000,000,151 | ---- | M] () - G:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/03 10:54:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\CPU\Desktop\OTL.exe
[2011/04/03 10:23:02 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Local\ElevatedDiagnostics
[2011/04/03 08:55:22 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\TVU networks
[2011/04/03 08:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU networks
[2011/04/03 08:54:43 | 000,000,000 | ---D | C] -- C:\TempDVD
[2011/04/03 08:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dvdSanta
[2011/04/03 08:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\dvdSanta
[2011/04/02 20:12:37 | 000,000,000 | -HSD | C] -- C:\Program Files (x86)\MTW
[2011/04/02 19:39:33 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/04/02 09:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/04/02 09:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/04/02 09:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/04/02 09:16:36 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/04/02 09:14:17 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\SUPERAntiSpyware.com
[2011/04/02 09:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/04/02 09:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/04/02 08:20:37 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\IDM
[2011/04/02 08:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/04/02 08:20:31 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/04/02 08:20:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2011/03/30 17:49:21 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\Adobe
[2011/03/29 19:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/03/29 18:54:46 | 000,000,000 | ---D | C] -- C:\Users\CPU\Desktop\Adobe SouthBooth CS5 Portable
[2011/03/29 18:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2011/03/28 17:12:12 | 000,000,000 | ---D | C] -- C:\Users\CPU\Documents\Sony Ericsson
[2011/03/28 16:47:05 | 000,027,176 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2011/03/28 16:47:05 | 000,013,352 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2011/03/28 10:51:15 | 000,146,568 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/03/27 08:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/03/27 08:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/03/27 08:24:46 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeE4B4.dll
[2011/03/27 08:24:39 | 000,034,032 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2011/03/27 08:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2011/03/27 08:20:52 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Local\Sony Ericsson
[2011/03/27 08:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2011/03/27 08:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2011/03/27 08:17:58 | 000,145,960 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017unic.sys
[2011/03/27 08:17:58 | 000,128,552 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017obex.sys
[2011/03/27 08:17:58 | 000,034,856 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017nd5.sys
[2011/03/27 08:17:58 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017whnt.sys
[2011/03/27 08:17:58 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017wh.sys
[2011/03/27 08:17:57 | 000,152,616 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mdm.sys
[2011/03/27 08:17:57 | 000,133,160 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mgmt.sys
[2011/03/27 08:17:57 | 000,113,704 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017bus.sys
[2011/03/27 08:17:57 | 000,019,496 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mdfl.sys
[2011/03/27 08:17:57 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cmnt.sys
[2011/03/27 08:17:57 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cm.sys
[2011/03/27 08:17:57 | 000,013,864 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cr.sys
[2011/03/27 08:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2011/03/27 08:17:51 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/03/27 08:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011/03/27 08:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2011/03/27 08:17:42 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\InstallShield
[2011/03/26 19:37:19 | 000,000,000 | ---D | C] -- C:\PFiles
[2011/03/22 17:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftnyxGame
[2011/03/22 17:24:38 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Local\Xilisoft
[2011/03/22 16:57:01 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\Xilisoft
[2011/03/22 16:45:55 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\dvdcss
[2011/03/22 16:38:00 | 000,000,000 | ---D | C] -- C:\Users\CPU\Documents\FFOutput
[2011/03/22 16:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2011/03/21 20:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/03/21 20:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/03/21 19:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/03/21 19:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/03/21 19:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011/03/21 19:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/03/21 19:55:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/03/21 19:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/03/21 19:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/03/21 19:53:39 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Local\Microsoft Help
[2011/03/21 19:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/03/21 19:53:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/03/21 19:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/03/21 19:53:01 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/03/21 19:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro
[2011/03/21 19:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2011/03/21 19:44:00 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\DAEMON Tools Pro
[2011/03/21 19:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011/03/21 19:23:34 | 000,000,000 | ---D | C] -- C:\!~dvdAuthorTempDir~
[2011/03/19 18:31:07 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011/03/19 18:31:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011/03/19 18:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/03/17 15:57:35 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/03/17 14:20:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/03/17 14:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/03/17 12:06:09 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\DMCache
[2011/03/17 11:53:49 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Roaming\SystemRequirementsLab
[2011/03/17 11:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/03/17 11:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/03/16 15:27:32 | 000,180,280 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\mkd3kfnt.sys
[2011/03/16 15:27:32 | 000,106,040 | ---- | C] (AhnLab, Inc.) -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys
[2011/03/16 15:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AhnLab
[2011/03/16 11:55:45 | 000,000,000 | -HSD | C] -- C:\Users\CPU\Documents\DotaToolKit files
[2011/03/08 17:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011/03/08 17:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2011/03/08 17:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/03/08 16:41:44 | 000,000,000 | ---D | C] -- C:\Users\CPU\AppData\Local\Danat's Projects

========== Files - Modified Within 30 Days ==========

[2011/04/03 10:54:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\CPU\Desktop\OTL.exe
[2011/04/03 10:44:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/03 10:44:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/03 10:37:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/03 10:37:10 | 1521,786,880 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/03 09:01:13 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2216369010-1191736313-1491870293-1001UA.job
[2011/04/03 08:54:39 | 000,001,011 | ---- | M] () -- C:\Users\CPU\Desktop\dvdSanta.lnk
[2011/04/02 19:39:38 | 000,001,933 | ---- | M] () -- C:\Users\CPU\Desktop\WinRAR.lnk
[2011/04/02 18:55:18 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/02 18:55:18 | 000,626,040 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/04/02 18:55:18 | 000,107,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/02 16:01:00 | 000,000,846 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2216369010-1191736313-1491870293-1001Core.job
[2011/04/02 09:16:50 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/04/01 20:41:28 | 000,001,441 | ---- | M] () -- C:\Users\CPU\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/28 16:52:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/03/28 16:52:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2011/03/28 16:47:05 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2011/03/28 16:47:05 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2011/03/28 10:46:40 | 000,146,568 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/03/27 08:40:42 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/03/27 08:24:50 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Suite 6.0.lnk
[2011/03/27 08:24:46 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\ProgramData\hpeE4B4.dll
[2011/03/26 20:02:38 | 000,002,389 | ---- | M] () -- C:\Users\CPU\Desktop\Google Chrome.lnk
[2011/03/26 15:13:32 | 000,002,115 | ---- | M] () -- C:\Users\CPU\Desktop\Daemon.lnk
[2011/03/26 09:55:43 | 000,001,352 | ---- | M] () -- C:\Users\CPU\Documents\AutoHotkey.ahk
[2011/03/22 17:42:01 | 000,002,116 | ---- | M] () -- C:\Users\CPU\Desktop\WolfTeamIS.lnk
[2011/03/22 16:19:57 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
[2011/03/21 22:51:23 | 000,418,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/03/21 19:44:48 | 000,526,392 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/03/19 18:31:08 | 000,001,101 | ---- | M] () -- C:\Users\CPU\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/03/19 18:31:08 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011/03/19 16:22:00 | 000,002,207 | ---- | M] () -- C:\Users\CPU\Desktop\Revo.lnk
[2011/03/11 22:04:08 | 000,000,816 | ---- | M] () -- C:\Windows\tasks\hpwebreg_CN0CN3J5GJ05HW.job
[2011/03/08 17:14:40 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
[2011/03/08 17:09:26 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2011/03/07 23:11:04 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/03/07 23:11:04 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/05 14:02:42 | 000,000,999 | ---- | M] () -- C:\Windows\SysWow64\ST4UNST.000

========== Files Created - No Company Name ==========

[2011/04/03 08:54:39 | 000,001,011 | ---- | C] () -- C:\Users\CPU\Desktop\dvdSanta.lnk
[2011/04/02 19:39:38 | 000,001,933 | ---- | C] () -- C:\Users\CPU\Desktop\WinRAR.lnk
[2011/04/02 09:16:50 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/28 16:52:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/03/28 16:52:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2011/03/27 08:40:42 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/03/27 08:40:41 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/03/27 08:24:50 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Suite 6.0.lnk
[2011/03/26 15:13:32 | 000,002,115 | ---- | C] () -- C:\Users\CPU\Desktop\Daemon.lnk
[2011/03/26 09:55:43 | 000,001,352 | ---- | C] () -- C:\Users\CPU\Documents\AutoHotkey.ahk
[2011/03/22 17:42:01 | 000,002,116 | ---- | C] () -- C:\Users\CPU\Desktop\WolfTeamIS.lnk
[2011/03/22 16:20:16 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/03/21 19:25:59 | 000,526,392 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/03/19 18:31:08 | 000,001,101 | ---- | C] () -- C:\Users\CPU\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/03/19 18:31:08 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011/03/19 16:22:00 | 000,002,207 | ---- | C] () -- C:\Users\CPU\Desktop\Revo.lnk
[2011/03/17 15:57:37 | 000,002,389 | ---- | C] () -- C:\Users\CPU\Desktop\Google Chrome.lnk
[2011/03/17 15:56:45 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2216369010-1191736313-1491870293-1001UA.job
[2011/03/17 15:56:44 | 000,000,846 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2216369010-1191736313-1491870293-1001Core.job
[2011/03/08 17:11:52 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
[2011/03/08 17:07:04 | 000,001,053 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2011/03/05 14:02:23 | 000,000,999 | ---- | C] () -- C:\Windows\SysWow64\ST4UNST.000
[2011/02/22 22:48:09 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/02/22 22:48:07 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/02/22 22:48:07 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/01/29 16:43:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/29 10:16:58 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/25 20:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/08/25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/08/25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/02/10 20:29:33 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\Auslogics
[2011/03/21 19:49:00 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\DAEMON Tools Pro
[2011/04/03 10:36:21 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\DMCache
[2011/02/16 21:52:35 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\GetRightToGo
[2011/04/02 09:13:53 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\IDM
[2011/02/08 18:22:01 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\Leadertech
[2011/02/03 10:53:08 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\SwitchVid
[2011/03/17 11:53:49 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\SystemRequirementsLab
[2011/02/07 22:54:38 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\Visan
[2011/04/02 08:13:04 | 000,000,000 | ---D | M] -- C:\Users\CPU\AppData\Roaming\Xilisoft
[2011/03/27 18:59:08 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


heres the extras



OTL Extras logfile created on: 4/3/2011 10:59:52 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\CPU\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 61.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 423.74 Gb Free Space | 91.00% Space Free | Partition Type: NTFS
Drive E: | 1.88 Gb Total Space | 1.88 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive G: | 14.89 Gb Total Space | 13.09 Gb Free Space | 87.91% Space Free | Partition Type: FAT32

Computer Name: CPU-PC | User Name: CPU | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{5848A26C-E4BC-4A13-AA8D-810BA344475A}" = HP Deskjet 1050 J410 series Product Improvement Study
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BB94D541-A747-4A5D-B0ED-72FA5C158EA5}" = HP Deskjet 1050 J410 series Basic Device Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Revo Uninstaller Pro Retail zoo_is1" = Revo Uninstaller Pro 2.5.0
"sp6" = Logitech SetPoint 6.20
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 24
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{C1646F6E-A8AE-4C6B-AE4D-11E03970F0F2}" = Sudden Attack SEA
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AhnLab Online Security" = AhnLab Online Security
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DAEMON Tools Pro" = DAEMON Tools Pro
"dvdSanta 4.00 - Create Your Own DVD Movies!_is1" = dvdSanta 4.00
"HP Photo Creations" = HP Photo Creations
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NST" = Norton Safe Web Lite
"PunkBusterSvc" = PunkBuster Services
"ST4UNST #1" = Visual Basic 4 Runtime Files
"ST4UNST #2" = Runtime Files Pack 3
"Steam App 13140" = America's Army 3
"Time Stopper3.00" = Time Stopper
"Update Engine" = Sony Ericsson Update Engine
"Warcraft III" = Warcraft III
"WolfTeam International_is1" = WolfTeam International

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"0638265cfb8124a6" = AA2Deploy
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/3/2011 1:48:50 PM | Computer Name = CPU-PC | Source = VSS | ID = 8193
Description =

Error - 4/3/2011 1:48:50 PM | Computer Name = CPU-PC | Source = System Restore | ID = 8193
Description =

Error - 4/3/2011 1:49:23 PM | Computer Name = CPU-PC | Source = VSS | ID = 22
Description =

Error - 4/3/2011 1:49:23 PM | Computer Name = CPU-PC | Source = VSS | ID = 8193
Description =

Error - 4/3/2011 1:49:23 PM | Computer Name = CPU-PC | Source = System Restore | ID = 8193
Description =

Error - 4/3/2011 1:49:45 PM | Computer Name = CPU-PC | Source = VSS | ID = 22
Description =

Error - 4/3/2011 1:49:45 PM | Computer Name = CPU-PC | Source = VSS | ID = 8193
Description =

Error - 4/3/2011 1:49:45 PM | Computer Name = CPU-PC | Source = System Restore | ID = 8193
Description =

Error - 4/3/2011 1:50:17 PM | Computer Name = CPU-PC | Source = VSS | ID = 22
Description =

Error - 4/3/2011 1:50:17 PM | Computer Name = CPU-PC | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 3/27/2011 12:25:18 PM | Computer Name = CPU-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\Asiasoft Online\SuddenAttackSEA\Game has
been blocked from loading due to incompatibility with this system. Please contact
your software vendor for a compatible version of the driver.

Error - 3/27/2011 12:25:23 PM | Computer Name = CPU-PC | Source = Service Control Manager | ID = 7000
Description = The NPPTNT2 service failed to start due to the following error: %%2

Error - 3/27/2011 12:40:35 PM | Computer Name = CPU-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\Asiasoft Online\SuddenAttackSEA\Game has
been blocked from loading due to incompatibility with this system. Please contact
your software vendor for a compatible version of the driver.

Error - 3/27/2011 12:40:37 PM | Computer Name = CPU-PC | Source = Service Control Manager | ID = 7000
Description = The NPPTNT2 service failed to start due to the following error: %%2

Error - 3/27/2011 4:04:15 PM | Computer Name = CPU-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\Asiasoft Online\SuddenAttackSEA\Game has
been blocked from loading due to incompatibility with this system. Please contact
your software vendor for a compatible version of the driver.

Error - 3/27/2011 4:04:20 PM | Computer Name = CPU-PC | Source = Service Control Manager | ID = 7000
Description = The NPPTNT2 service failed to start due to the following error: %%2

Error - 3/27/2011 4:42:50 PM | Computer Name = CPU-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 3/28/2011 1:18:34 AM | Computer Name = CPU-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 3/30/2011 5:23:55 PM | Computer Name = CPU-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 3/31/2011 5:58:27 PM | Computer Name = CPU-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842


< End of report >

Edited by TZB, 02 April 2011 - 09:04 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP