I suspect I got it from uTorrent. Please help!
Here is my OTL log:
OTL logfile created on: 6/2/2011 8:46:11 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Main\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 66.79% Memory free
6.24 Gb Paging File | 5.09 Gb Available in Paging File | 81.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 65.51 Gb Free Space | 28.72% Space Free | Partition Type: NTFS
Computer Name: MAIN-PC | User Name: Main | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/02 20:45:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Downloads\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/01 21:00:40 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/28 03:06:10 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/03/16 18:40:37 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/10 15:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/11 23:46:03 | 002,969,496 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010/01/04 08:07:50 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/04/06 12:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\Windows\ZSSnp211.exe
PRC - [2006/08/18 17:58:14 | 000,049,152 | ---- | M] () -- C:\Windows\Domino.exe
========== Modules (SafeList) ==========
MOD - [2011/06/02 20:45:50 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Downloads\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/02 20:02:32 | 003,457,112 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_ba2d301.dll -- (Akamai)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/28 03:06:10 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/03/23 23:41:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/16 18:40:37 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/05/10 03:00:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/01/04 08:07:50 | 000,069,632 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2009/09/14 15:35:00 | 003,597,136 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/03/16 18:40:38 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 15:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/01/07 23:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/11 19:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/08/20 13:21:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/12/13 11:17:58 | 001,472,000 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZS211.sys -- (ZSMC30x)
DRV - [2007/12/10 19:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vvftav211.sys -- (vvftav211)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/04/09 10:50:34 | 000,009,600 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2006/01/04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/05/25 18:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/01/10 19:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/10 19:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/06/17 11:41:16 | 000,386,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TNET1130.sys -- (TNET1130)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://broadband.zoomtown.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://broadband.zoomtown.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 64 A9 BA E3 0F CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.4
FF - prefs.js..extensions.enabledItems: {F7E39698-7E13-42E3-BE46-E4C50FD7CE6A}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 21:00:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/01 21:00:41 | 000,000,000 | ---D | M]
[2010/01/04 07:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\Mozilla\Extensions
[2011/06/01 23:50:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions
[2011/05/16 00:58:39 | 000,000,000 | ---D | M] (4chan) -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2011/04/16 01:05:04 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/21 13:38:35 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/04/16 01:05:03 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/04/16 01:05:06 | 000,000,000 | ---D | M] ("Exif Viewer") -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\[email protected]
[2011/03/10 19:35:19 | 000,000,000 | ---D | M] ("MailCatch: Temporary Emails") -- C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\49c9ar72.default\extensions\[email protected]
[2011/04/16 05:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/14 20:27:02 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/14 09:30:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/20 00:43:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/17 22:39:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/16 05:46:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/04/06 22:43:23 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MAIN\APPDATA\LOCAL\{F7E39698-7E13-42E3-BE46-E4C50FD7CE6A}
[2009/12/31 05:05:32 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files\Mozilla Firefox\plugins\npbyond.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/05/15 22:39:55 | 000,000,988 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Domino] C:\Windows\Domino.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ZSSnp211] C:\Windows\ZSSnp211.exe (ZSMCSNAP)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} http://www.in.honda....AX/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{33d95443-cfec-11df-a4f4-001676c80551}\Shell - "" = AutoRun
O33 - MountPoints2\{33d95443-cfec-11df-a4f4-001676c80551}\Shell\AutoRun\command - "" = G:\install.exe
O33 - MountPoints2\{4964d05f-6731-11e0-a1da-001676c80551}\Shell - "" = AutoRun
O33 - MountPoints2\{4964d05f-6731-11e0-a1da-001676c80551}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{9152f09d-ac7f-11df-a9de-001676c80551}\Shell - "" = AutoRun
O33 - MountPoints2\{9152f09d-ac7f-11df-a9de-001676c80551}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{979f7f50-5e9e-11df-9378-001676c80551}\Shell - "" = AutoRun
O33 - MountPoints2\{979f7f50-5e9e-11df-9378-001676c80551}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/02 20:37:16 | 000,000,000 | ---D | C] -- C:\Users\Main\Desktop\GooredFix Backups
[2011/06/01 19:12:30 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Main\Desktop\TDSSKiller.exe
[2011/06/01 18:52:42 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{D8F3F5B3-9CD7-4AB4-8946-5102B470FDAB}
[2011/05/22 21:52:18 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{A6FA2437-3C97-47D3-B575-FEB4307C995F}
[2011/05/22 07:17:31 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{298F816F-B892-4C81-B879-F71387163022}
[2011/05/21 05:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dawntide
[2011/05/21 05:28:57 | 000,000,000 | ---D | C] -- C:\Games
[2011/05/21 05:28:57 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dawntide
[2011/05/19 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{447E767C-60B3-44A4-B7E1-EF0C3E710030}
[2011/05/18 04:54:42 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{E20B8CEC-7CB9-4BC6-8978-A3EBFC62273A}
[2011/05/15 22:41:26 | 000,000,000 | ---D | C] -- C:\Users\Main\Desktop\images
[2011/05/15 22:40:30 | 000,000,000 | ---D | C] -- C:\Users\Main\Documents\Alcohol 120%
[2011/05/12 23:24:52 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{0BEF690C-1F7C-47E4-8B08-01F13D73DF17}
[2011/05/12 00:59:35 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{E3604EFD-A352-4B08-B2E3-A5220ADA73BE}
[2011/05/10 08:15:35 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{E87AD888-AD36-44F9-BC19-4096F22C2870}
[2011/05/08 21:07:36 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/05/08 21:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/05/08 21:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2011/05/08 18:55:18 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{2B356DB7-6851-42EC-99CE-DC7452372890}
[2011/05/05 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{D9291BAE-E24B-4C94-A3A6-0A6430887FF9}
[2011/05/04 14:52:23 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GOG.com
[2011/05/04 08:13:03 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\{921F6CE2-76CB-4E01-9401-B7A44EED7FB2}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/02 20:45:58 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 20:45:58 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/02 20:38:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/02 20:38:20 | 2515,046,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/30 14:14:47 | 000,003,251 | ---- | M] () -- C:\Users\Main\Desktop\186481_100001307994074_4451990_q.jpg
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/25 20:54:58 | 000,657,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/25 20:54:58 | 000,114,582 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/25 07:10:16 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Main\Desktop\TDSSKiller.exe
[2011/05/21 05:29:37 | 000,001,604 | ---- | M] () -- C:\Users\Main\Application Data\Microsoft\Internet Explorer\Quick Launch\Dawntide.lnk
[2011/05/21 05:29:36 | 000,001,580 | ---- | M] () -- C:\Users\Main\Desktop\Dawntide.lnk
[2011/05/21 05:29:35 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/30 14:14:46 | 000,003,251 | ---- | C] () -- C:\Users\Main\Desktop\186481_100001307994074_4451990_q.jpg
[2011/05/21 05:29:37 | 000,001,604 | ---- | C] () -- C:\Users\Main\Application Data\Microsoft\Internet Explorer\Quick Launch\Dawntide.lnk
[2011/05/21 05:29:36 | 000,001,580 | ---- | C] () -- C:\Users\Main\Desktop\Dawntide.lnk
[2011/05/08 21:07:37 | 000,380,928 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
[2011/04/09 17:03:34 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/04/06 22:43:25 | 000,000,120 | ---- | C] () -- C:\Users\Main\AppData\Local\Syaxuleboduyev.dat
[2011/04/06 22:43:25 | 000,000,000 | ---- | C] () -- C:\Users\Main\AppData\Local\Thomalosac.bin
[2010/12/20 02:00:15 | 000,049,152 | ---- | C] () -- C:\Windows\Domino.exe
[2010/12/18 22:47:30 | 000,000,008 | ---- | C] () -- C:\Users\Main\AppData\Roaming\DofusAppId0_3
[2010/12/18 22:18:41 | 000,000,008 | ---- | C] () -- C:\Users\Main\AppData\Roaming\DofusAppId0_1
[2010/12/18 22:15:51 | 000,000,169 | ---- | C] () -- C:\Users\Main\AppData\Roaming\D2Info0
[2010/12/18 22:15:51 | 000,000,008 | ---- | C] () -- C:\Users\Main\AppData\Roaming\DofusAppId0_2
[2010/12/13 00:27:15 | 000,000,038 | ---- | C] () -- C:\Windows\cedt.INI
[2010/12/11 21:49:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/06 20:29:41 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010/08/08 21:10:21 | 000,111,928 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/08/08 21:10:03 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/08/08 21:10:02 | 002,373,712 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/08/08 06:28:50 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/07/23 01:11:48 | 000,000,036 | ---- | C] () -- C:\Users\Main\AppData\Local\housecall.guid.cache
[2010/06/12 00:33:08 | 000,084,912 | ---- | C] () -- C:\Windows\System32\drivers\FwRad17.bin
[2010/06/12 00:33:08 | 000,083,320 | ---- | C] () -- C:\Windows\System32\drivers\FwRad16.bin
[2010/05/31 03:21:39 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2010/05/17 10:08:14 | 000,007,603 | ---- | C] () -- C:\Users\Main\AppData\Local\Resmon.ResmonCfg
[2010/04/24 18:50:03 | 000,000,020 | ---- | C] () -- C:\Windows\GKLauncherInfo.ini
[2010/01/04 08:07:30 | 000,022,629 | ---- | C] () -- C:\Windows\System32\CiFilter.ini
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,285,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,657,196 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,114,582 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/08 21:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/18 16:51:16 | 005,304,320 | ---- | C] () -- C:\Windows\System32\digiSealApi.dll
========== LOP Check ==========
[2010/03/07 19:09:45 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\.minecraft
[2010/08/30 23:51:52 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\.purple
[2010/01/04 12:22:27 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\acccore
[2010/12/18 22:15:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\app
[2011/05/03 16:49:34 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2010/08/20 13:32:55 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\DAEMON Tools Lite
[2010/12/18 22:56:58 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dofus 2
[2010/12/18 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/12/18 22:47:30 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/12/18 22:18:41 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/01/08 23:20:40 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Downloaded Installations
[2010/03/15 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Facebook
[2010/11/06 20:59:31 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\GameRanger
[2010/11/06 20:34:05 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\GetRightToGo
[2010/05/31 03:41:38 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\gtk-2.0
[2011/04/27 01:38:11 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\ImgBurn
[2011/04/11 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Keavir
[2010/08/22 01:02:49 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Leadertech
[2010/12/29 18:39:48 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\LolClient
[2011/03/06 20:46:06 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\NeopleLauncherDFO
[2011/01/01 21:38:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Notepad++
[2010/01/19 15:48:35 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\OpenOffice.org
[2010/12/18 22:15:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/05/19 20:47:27 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\RIFT
[2010/01/04 08:49:34 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\runic games
[2011/05/19 20:50:00 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Three Rings Design
[2010/01/04 22:30:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Trillian
[2010/05/22 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\TuneUp Software
[2010/07/27 03:36:42 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Unity
[2011/06/02 20:39:08 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\uTorrent
[2011/04/13 19:32:07 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Wela
[2010/11/26 19:46:21 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Windows Live Writer
[2011/05/22 07:16:12 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2010/09/15 20:33:26 | 000,000,000 | ---D | M](C:\Users\Main\Documents\?? ???) -- C:\Users\Main\Documents\넥슨 플러그
[2010/09/15 20:33:26 | 000,000,000 | ---D | C](C:\Users\Main\Documents\?? ???) -- C:\Users\Main\Documents\넥슨 플러그
========== Alternate Data Streams ==========
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C8B8CEBD
< End of report >
OTL Extras logfile created on: 6/2/2011 8:46:11 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Main\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 66.79% Memory free
6.24 Gb Paging File | 5.09 Gb Available in Paging File | 81.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 65.51 Gb Free Space | 28.72% Space Free | Partition Type: NTFS
Computer Name: MAIN-PC | User Name: Main | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07DEC7A1-F8D2-4DBB-900B-A2F9302647BB}" = WlanUtility
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 24
"{2BEB102E-F9CD-4881-984B-E288F66FD394}" = Quake Live Mozilla Plugin
"{2EE74385-D170-4EA5-8A59-02105BB99807}" = Ace of Spades
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java SE Development Kit 6 Update 18
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AB4E8CB-3321-4D43-8A59-885338A6EBF9}" = STATISTICA 8.0.725.0 CS
"{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C6B103A-1CDD-B3F2-5E8C-A2E5AAA6B555}" = GOG.com Downloader
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = ZSMC USB PC Camera (ZS0211)
"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B24CD79-E011-4A47-98D7-BAA23BAF6957}" = GunBound Thor's Hammer
"{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C363CB9-9F31-4349-8491-762C42D3FDFB}" = CambridgeSoft Desktop Inventory 12.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1E1083D-249D-483C-AD92-CDCFA230A4C7}" = STATISTICA CambridgeSoft Integration
"{A5DD7359-5EB4-4D35-BBAF-E6A88269790B}" = League of Legends
"{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B59BF1B9-0269-4C5F-B172-48DFF4923B77}" = MySpeed v3.6.7
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD377501-9BBE-493A-BCC1-4C8BCB4C44E0}_is1" = SliderDock
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D06EF6C2-62D8-4308-897E-B20FE81712B4}" = CambridgeSoft ChemBioOffice Ultra 2010
"{D10227CA-792C-4517-872A-8AF5DB472D48}" = PCSpim
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E145D9BE-D521-4527-A85D-2B2D47725506}" = CambridgeSoft ChemScript 12.0
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECE4289B-68C8-4D30-9C65-84CC2052CCFF}" = CambridgeSoft BioAssay 12.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F596E368-2A1D-4896-AB37-C81BFA4DD011}" = CambridgeSoft ENotebook 12.0.1
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Build Your Own Net Dream" = Build Your Own Net Dream (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1" = GOG.com Downloader
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Crimson Editor SVN286" = Crimson Editor SVN286
"Dawntide" = Dawntide (remove only)
"DiscJuggler" = DiscJuggler
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"GunBound Sky Season 1" = GunBound Sky Season 1
"GunBound Thor's Hammer" = GunBound Thor's Hammer
"HydraIRC" = HydraIRC
"ImgBurn" = ImgBurn
"InstallShield_{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia
"InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"InstallShield_{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess
"InstallShield_{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI
"InstallShield_{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart
"InstallShield_{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"Interwise Participant" = Interwise Participant
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mabinogi" = Mabinogi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"MestReNova LITE" = MestReNova LITE 5.2.5-4731
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Neverwinter Nights Diamond Edition_is1" = Neverwinter Nights Diamond Edition
"Neverwinter Nights Kingmaker" = BioWare Premium Module: Neverwinter Nights Kingmaker
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Pidgin" = Pidgin
"Polipo" = Polipo 1.0.4.1
"PunkBusterSvc" = PunkBuster Services
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StarCraft II" = StarCraft II
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF Professional Server 5.4 printer)
"Steam App 1250" = Killing Floor
"Steam App 17520" = Synergy
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 240" = Counter-Strike: Source
"Steam App 39000" = Moonbase Alpha
"Steam App 41500" = Torchlight
"Steam App 440" = Team Fortress 2
"Steam App 6910" = Deus Ex: Game of the Year Edition
"Steam App 6920" = Deus Ex: Invisible War
"Steam App 8980" = Borderlands
"StepMania" = StepMania 3.9a (remove only)
"Tor" = Tor 0.2.1.24
"Total Video2Dvd 3.12_is1" = Total Video2Dvd 3.12
"Ultima Online Second Age" = Ultima Online Second Age 5.0.8.3
"UO Auto-Map" = UO Auto-Map 8.3.0.0
"uTorrent" = µTorrent
"Vidalia" = Vidalia 0.2.7
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZoomTown Install Kit" = ZoomTown Install Kit 10.0.0.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GameRanger" = GameRanger
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/18/2011 11:07:37 PM | Computer Name = Main-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.0.0, time stamp:
0x4dd2b71f Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp:
0x4a5bdaae Exception code: 0xe0434352 Fault offset: 0x00009617 Faulting process id:
0xb68 Faulting application start time: 0x01cc15d1e839546f Faulting application path:
C:\Users\Main\Desktop\rpgdemo\Terra\Terraria\Terraria.exe Faulting module path:
C:\Windows\system32\KERNELBASE.dll Report Id: 25fad6d6-81c5-11e0-93f1-001676c80551
Error - 5/18/2011 11:07:42 PM | Computer Name = Main-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 5/18/2011 11:07:42 PM | Computer Name = Main-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Terraria.exe, version: 1.0.0.0, time stamp:
0x4dd2b71f Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp:
0x4a5bdaae Exception code: 0xe0434352 Fault offset: 0x00009617 Faulting process id:
0x6cc Faulting application start time: 0x01cc15d1eafd87dd Faulting application path:
C:\Users\Main\Desktop\rpgdemo\Terra\Terraria\Terraria.exe Faulting module path:
C:\Windows\system32\KERNELBASE.dll Report Id: 28c21790-81c5-11e0-93f1-001676c80551
Error - 5/21/2011 5:29:23 AM | Computer Name = Main-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 6/1/2011 6:33:21 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 6/1/2011 6:33:21 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4117
Description = The keyfile contains no valid license. The service will be stopped!
Error - 6/1/2011 6:51:01 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 6/1/2011 6:51:01 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4117
Description = The keyfile contains no valid license. The service will be stopped!
Error - 6/1/2011 8:35:10 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4109
Description = The engine file has been modified or destroyed! Returned error code:
0x9
Error - 6/1/2011 8:35:10 PM | Computer Name = Main-PC | Source = Avira AntiVir | ID = 4117
Description = The keyfile contains no valid license. The service will be stopped!
[ Media Center Events ]
Error - 6/30/2010 12:29:01 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 12:29:00 PM - Error connecting to the internet. 12:29:00 PM - Unable
to contact server..
Error - 6/30/2010 1:29:36 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 1:29:36 PM - Error connecting to the internet. 1:29:36 PM - Unable
to contact server..
Error - 6/30/2010 1:29:42 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 1:29:41 PM - Error connecting to the internet. 1:29:41 PM - Unable
to contact server..
Error - 6/30/2010 2:29:47 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 2:29:47 PM - Error connecting to the internet. 2:29:47 PM - Unable
to contact server..
Error - 6/30/2010 2:29:53 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 2:29:52 PM - Error connecting to the internet. 2:29:52 PM - Unable
to contact server..
Error - 6/30/2010 3:29:58 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 3:29:58 PM - Error connecting to the internet. 3:29:58 PM - Unable
to contact server..
Error - 6/30/2010 3:30:04 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 3:30:03 PM - Error connecting to the internet. 3:30:03 PM - Unable
to contact server..
Error - 7/2/2010 6:47:17 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 6:47:17 PM - Error connecting to the internet. 6:47:17 PM - Unable
to contact server..
Error - 7/2/2010 6:47:24 PM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 6:47:22 PM - Error connecting to the internet. 6:47:22 PM - Unable
to contact server..
Error - 8/5/2010 12:20:17 AM | Computer Name = Main-PC | Source = MCUpdate | ID = 0
Description = 12:20:07 AM - Error connecting to the internet. 12:20:07 AM - Unable
to contact server..
[ System Events ]
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 7:19:34 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068
Error - 6/1/2011 8:35:14 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7034
Description = The SQL Server VSS Writer service terminated unexpectedly. It has
done this 1 time(s).
Error - 6/1/2011 8:35:14 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Null
Error - 6/2/2011 8:38:46 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7034
Description = The SQL Server VSS Writer service terminated unexpectedly. It has
done this 1 time(s).
Error - 6/2/2011 8:38:48 PM | Computer Name = Main-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Null
< End of report >
Edited by Arpanet, 02 June 2011 - 06:56 PM.