Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

"Win 7 Antivirus 2012 - Unregistred Version"

Started by roadran , Dec 20 2011 10:17 AM

  • Please log in to reply

#1
roadran
Posted 20 December 2011 - 10:17 AM

roadran

    Member

  • Member
  • PipPipPip
  • 142 posts
Anyone that can help me please do. I've tried many things, I had to do two system restores, and then I had a No Mbr error. Which I fixed also. I am tired and sick of this virus and many other things!

OTL:

OTL logfile created on: 12/20/2011 11:11:25 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kenny Diep\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.74 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 52.16% Memory free
7.48 Gb Paging File | 5.35 Gb Available in Paging File | 71.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.78 Gb Total Space | 713.20 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 14.63 Gb Total Space | 1.81 Gb Free Space | 12.35% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 304.36 Gb Free Space | 65.35% Space Free | Partition Type: NTFS
Drive I: | 103.79 Gb Total Space | 61.61 Gb Free Space | 59.36% Space Free | Partition Type: NTFS
Drive J: | 8.00 Gb Total Space | 4.82 Gb Free Space | 60.26% Space Free | Partition Type: NTFS

Computer Name: TOUCHSMART | User Name: Kenny Diep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/20 11:11:01 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kenny Diep\Downloads\OTL.exe
PRC - [2011/11/10 07:07:07 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/08 19:43:34 | 000,639,864 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Kenny Diep\Downloads\utorrent.exe
PRC - [2011/04/02 13:05:20 | 000,111,376 | ---- | M] (WinAgents Software Group) -- C:\Program Files (x86)\Common Files\WinAgents\TftpService.exe
PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/10 19:02:27 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/10 07:07:06 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/20 07:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/10/15 00:25:48 | 000,202,024 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\VideoSrc.dll
MOD - [2010/10/15 00:25:44 | 000,496,936 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll
MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 18:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/07/07 07:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2011/01/31 12:01:18 | 000,341,312 | ---- | M] (Nitro PDF Software) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
SRV:64bit: - [2009/11/17 06:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/03 11:08:00 | 004,756,216 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011/04/02 13:05:20 | 000,111,376 | ---- | M] (WinAgents Software Group) [Auto | Running] -- C:\Program Files (x86)\Common Files\WinAgents\TftpService.exe -- (WinAgentsTftpService4)
SRV - [2011/01/31 12:01:28 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/12/07 05:32:02 | 002,228,008 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/06/12 20:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/18 12:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/09/30 23:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 23:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/09/20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/07 07:34:08 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/06/23 16:40:12 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/30 11:07:06 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/11 04:01:20 | 001,212,416 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2010/10/16 04:28:42 | 010,619,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/03 22:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/18 22:33:34 | 000,852,256 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/11/13 17:53:36 | 000,030,248 | ---- | M] (Fintek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FintekCIR.sys -- (FintekCIR)
DRV:64bit: - [2009/09/21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/09/17 12:56:34 | 000,014,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2009/09/17 12:56:32 | 000,025,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NW1950.sys -- (NW1950)
DRV:64bit: - [2009/08/19 22:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/17 22:08:24 | 000,017,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OSDACPI.SYS -- (ACPIService)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 22:18:20 | 000,032,808 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/03/07 12:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/03/20 10:33:26 | 000,028,672 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2005/01/02 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [1998/08/21 16:08:00 | 000,027,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\usbhub.sys -- (usbhub)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - C:\Program Files (x86)\WhiteSmoke_Bar\prxtbWhit.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - C:\Program Files (x86)\WhiteSmoke_Bar\prxtbWhit.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1b1
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.73.0
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.3
FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.2.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..network.proxy.type: 4

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kenny Diep\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kenny Diep\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Kenny Diep\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/10 12:17:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/10 12:25:39 | 000,000,000 | ---D | M]

[2011/03/02 08:09:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Kenny Diep\AppData\Roaming\Mozilla\Extensions
[2011/02/17 20:45:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Kenny Diep\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/17 11:18:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Kenny Diep\AppData\Roaming\Mozilla\Profiles\0dowcsyu.Default User\extensions
[2011/12/09 20:31:13 | 000,002,572 | -H-- | M] () -- C:\Users\Kenny Diep\AppData\Roaming\Mozilla\Profiles\0dowcsyu.Default User\searchplugins\askcom.xml
[2011/11/10 07:07:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\KENNY DIEP\APPDATA\ROAMING\MOZILLA\PROFILES\0DOWCSYU.DEFAULT USER\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\KENNY DIEP\APPDATA\ROAMING\MOZILLA\PROFILES\0DOWCSYU.DEFAULT USER\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\KENNY DIEP\APPDATA\ROAMING\MOZILLA\PROFILES\0DOWCSYU.DEFAULT USER\EXTENSIONS\[email protected]
[2011/11/10 07:07:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/17 20:33:58 | 000,002,191 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/10/01 21:21:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 07:07:07 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

Hosts file not found
O2:64bit: - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (WhiteSmoke Bar Toolbar) - {167d9323-f7cc-48f5-948a-6f012831a69f} - C:\Program Files (x86)\WhiteSmoke_Bar\prxtbWhit.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
O3 - HKLM\..\Toolbar: (WhiteSmoke Bar Toolbar) - {167d9323-f7cc-48f5-948a-6f012831a69f} - C:\Program Files (x86)\WhiteSmoke_Bar\prxtbWhit.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WhiteSmoke Bar Toolbar) - {167D9323-F7CC-48F5-948A-6F012831A69F} - C:\Program Files (x86)\WhiteSmoke_Bar\prxtbWhit.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [68C99590-AF86-B6DD-DB7A-D874F37B2C09] C:\Windows\SysWow64\68C99590-AF86-B6DD-DB7A-D874F37B2C09.avi (Creative Technology Ltd)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Kenny Diep\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [RavenBleuSA] C:\Users\Kenny Diep\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\Users\Kenny Diep\Downloads\utorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Kenny Diep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UniKeyNT - Shortcut.lnk = C:\Users\Kenny Diep\Downloads\UniKeyNT.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59FC41D8-6D53-4D0A-887C-269CB3670B38}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1D6A9FB-CC67-427A-A78D-94AD16F91B75}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\MPK\mpk.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/12 04:38:58 | 000,000,122 | ---- | M] () - J:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/20 14:03:44 | 000,000,000 | ---D | C] -- C:\Temp
[2011/12/19 08:08:36 | 000,000,000 | -H-D | C] -- C:\Users\Kenny Diep\Desktop\GooredFix Backups
[2011/12/18 21:57:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/12/18 21:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/12/16 09:23:16 | 000,079,872 | ---- | C] (TWX Corp.) -- C:\ProgramData\xItKT4t4.exe
[2011/12/16 09:06:11 | 000,036,352 | ---- | C] (TWX Corp.) -- C:\Windows\SysWow64\JgAbkOoX.com
[2011/12/14 08:36:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Defender
[2011/12/14 08:36:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Defender
[2011/12/11 20:18:32 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\Users\Kenny Diep\AppData\Local\xwy.exe
[2011/12/11 20:18:32 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\Users\Kenny Diep\AppData\Local\nvl.exe
[2011/12/10 19:02:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/12/10 16:32:50 | 000,000,000 | -H-D | C] -- C:\Users\Kenny Diep\Documents\Remote Assistance Logs
[2011/12/10 16:24:05 | 000,000,000 | ---D | C] -- C:\Users\Kenny Diep\Desktop\Concurrent_RDP_Win7_RTM_patcher
[2011/12/10 16:04:03 | 000,000,000 | ---D | C] -- C:\Users\Kenny Diep\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/10 16:03:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/12/10 16:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/12/10 15:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/10 12:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/12/07 14:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_Bar
[2011/12/07 14:48:34 | 000,000,000 | ---D | C] -- C:\Users\Kenny Diep\AppData\Local\RavenBleuSA
[2011/12/04 09:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2011/12/04 08:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UBISOFT
[2011/12/02 17:12:10 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/11/29 06:56:32 | 000,000,000 | -H-D | C] -- C:\Users\Kenny Diep\Documents\Wizard101
[2011/03/01 08:09:34 | 012,067,528 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/20 11:12:15 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/20 11:12:15 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/20 11:09:28 | 000,794,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/20 11:09:28 | 000,669,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/20 11:09:28 | 000,125,954 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/20 11:06:55 | 000,002,024 | ---- | M] () -- C:\Windows\SysNative\.rsp
[2011/12/20 11:06:55 | 000,001,479 | ---- | M] () -- C:\Windows\SysNative\.lck
[2011/12/20 11:04:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/20 11:04:42 | 3012,907,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/18 21:21:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/18 21:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011/12/18 20:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011/12/18 19:15:03 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2503263900-158799546-2591639019-1000UA.job
[2011/12/18 19:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011/12/18 18:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011/12/18 17:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011/12/18 16:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011/12/18 15:04:40 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/12/18 14:00:17 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/12/18 13:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/12/18 12:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/12/18 11:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/12/18 10:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/12/18 09:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/12/18 08:05:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/12/18 07:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/12/18 06:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/12/18 05:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/12/18 04:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/12/18 03:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/12/18 02:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/12/18 01:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/12/18 00:58:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/12/17 23:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011/12/17 22:15:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2503263900-158799546-2591639019-1000Core.job
[2011/12/17 22:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011/12/16 09:47:52 | 000,000,112 | ---- | M] () -- C:\ProgramData\A122CI0.dat
[2011/12/16 09:23:16 | 000,079,872 | ---- | M] (TWX Corp.) -- C:\ProgramData\xItKT4t4.exe
[2011/12/16 09:23:16 | 000,000,000 | ---- | M] () -- C:\ProgramData\xItKT4t4.exe.b
[2011/12/16 09:06:11 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\JgAbkOoX.com.b
[2011/12/16 09:06:01 | 000,036,352 | ---- | M] (TWX Corp.) -- C:\Windows\SysWow64\JgAbkOoX.com
[2011/12/16 07:08:25 | 000,001,350 | ---- | M] () -- C:\Users\Kenny Diep\Desktop\Norton Installation Files.lnk
[2011/12/14 08:36:11 | 000,001,885 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\68C99590-AF86-B6DD-DB7A-D874F37B2C09.lnk
[2011/12/14 03:21:34 | 000,370,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/11 20:42:32 | 001,008,120 | ---- | M] () -- C:\Users\Kenny Diep\Desktop\eXplorer.exe
[2011/12/11 20:39:27 | 000,009,026 | -HS- | M] () -- C:\Users\Kenny Diep\AppData\Local\51q1x325g7yxn5t42h4wy
[2011/12/11 20:39:27 | 000,009,026 | -HS- | M] () -- C:\ProgramData\51q1x325g7yxn5t42h4wy
[2011/12/10 16:03:49 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/10 15:53:58 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/10 12:38:24 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/02 17:29:22 | 000,116,224 | ---- | M] () -- C:\Windows\SysWow64\JgAbkOoX.com_
[2011/11/27 06:38:06 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/16 09:23:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011/12/16 09:23:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At23.job
[2011/12/16 09:23:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At22.job
[2011/12/16 09:23:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At21.job
[2011/12/16 09:23:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At20.job
[2011/12/16 09:23:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At19.job
[2011/12/16 09:23:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At18.job
[2011/12/16 09:23:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At17.job
[2011/12/16 09:23:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At16.job
[2011/12/16 09:23:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011/12/16 09:23:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011/12/16 09:23:20 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011/12/16 09:23:20 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011/12/16 09:23:20 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/12/16 09:23:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011/12/16 09:23:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011/12/16 09:23:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011/12/16 09:23:18 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011/12/16 09:23:18 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011/12/16 09:23:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/12/16 09:23:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/12/16 09:23:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/12/16 09:23:16 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/12/16 09:23:16 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/12/16 09:23:16 | 000,000,000 | ---- | C] () -- C:\ProgramData\xItKT4t4.exe.b
[2011/12/14 08:36:11 | 000,001,885 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\68C99590-AF86-B6DD-DB7A-D874F37B2C09.lnk
[2011/12/11 20:42:29 | 001,008,120 | ---- | C] () -- C:\Users\Kenny Diep\Desktop\eXplorer.exe
[2011/12/11 20:18:37 | 000,009,026 | -HS- | C] () -- C:\Users\Kenny Diep\AppData\Local\51q1x325g7yxn5t42h4wy
[2011/12/11 20:18:37 | 000,009,026 | -HS- | C] () -- C:\ProgramData\51q1x325g7yxn5t42h4wy
[2011/12/11 06:24:42 | 000,001,350 | ---- | C] () -- C:\Users\Kenny Diep\Desktop\Norton Installation Files.lnk
[2011/12/11 03:18:24 | 000,370,472 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/10 16:03:49 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/12/10 15:53:58 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/10 12:38:24 | 000,000,860 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/04 09:00:56 | 000,116,224 | ---- | C] () -- C:\Windows\SysWow64\JgAbkOoX.com_
[2011/12/02 17:29:46 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\JgAbkOoX.com.b
[2011/12/02 17:23:56 | 000,000,112 | ---- | C] () -- C:\ProgramData\A122CI0.dat
[2011/08/13 08:29:18 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/07/15 16:07:12 | 000,000,600 | -H-- | C] () -- C:\Users\Kenny Diep\AppData\Local\PUTTY.RND
[2011/07/14 10:50:42 | 000,000,052 | ---- | C] () -- C:\Windows\devqdat7417.dat
[2011/07/12 15:41:33 | 000,000,054 | ---- | C] () -- C:\Windows\Player.INI
[2011/07/07 10:19:20 | 000,024,576 | ---- | C] () -- C:\Windows\RunSetup.dll
[2011/05/23 07:10:54 | 000,000,600 | -H-- | C] () -- C:\Users\Kenny Diep\AppData\Roaming\winscp.rnd
[2011/05/16 18:48:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/05/16 18:48:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/05/09 07:06:20 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/05/09 06:49:59 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011/05/08 21:03:24 | 000,202,475 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011/05/08 21:03:24 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011/04/30 13:11:45 | 000,000,098 | -H-- | C] () -- C:\Users\Kenny Diep\AppData\Local\fusioncache.dat
[2011/04/18 04:04:33 | 003,270,656 | ---- | C] () -- C:\Windows\SysWow64\clog.dat
[2011/04/15 17:20:15 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\EUOD.DAT
[2011/04/05 17:10:46 | 000,004,096 | -H-- | C] () -- C:\Users\Kenny Diep\AppData\Local\keyfile3.drm
[2011/03/05 07:32:10 | 000,000,008 | ---- | C] () -- C:\Windows\wincris.ini
[2011/03/02 16:27:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/17 19:00:18 | 000,071,680 | -H-- | C] () -- C:\Users\Kenny Diep\AppData\Roaming\chrtmp
[2011/02/17 19:00:13 | 000,096,256 | ---- | C] () -- C:\Users\Kenny Diep\AppData\Roaming\chitect45_SoundForge9_CRACK.exe
[2011/02/12 16:56:11 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2011/01/08 08:41:42 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/12/25 21:30:25 | 000,001,333 | ---- | C] () -- C:\Windows\ntbackup.ini
[2010/11/26 16:57:26 | 000,000,012 | ---- | C] () -- C:\ProgramData\GEN3BrightnessLevel.INI
[2010/10/16 04:27:08 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/16 04:27:08 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/08/16 19:57:10 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/08/16 19:57:10 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/16 19:57:10 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/16 19:10:01 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/08/16 19:05:28 | 000,787,894 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/16 18:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\SysWow64\ICCProfiles.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/02/26 01:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

========== LOP Check ==========

[2011/11/20 19:06:36 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\.minecraft
[2011/02/15 07:19:39 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\AnvSoft
[2011/07/12 15:54:29 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\ASUS
[2011/07/09 19:21:55 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\ASUS WebStorage
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Audacity
[2011/06/26 14:45:34 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Bitcoin
[2011/02/15 07:13:17 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Broad Intelligence
[2011/12/20 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\eCareme
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Elluminate
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\FreeFLVConverter
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\FreeVideoConverter
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\GetRightToGo
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\GmailHackerPro_Installer
[2011/07/07 20:02:17 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\go
[2011/12/20 13:45:13 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\ijjigame
[2011/02/11 18:10:13 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Leawo
[2011/01/02 22:25:06 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Local
[2011/12/20 13:24:23 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\MakeMusic
[2011/05/07 18:10:31 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\ManyCam
[2011/06/05 09:39:35 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\MotionDSP
[2011/01/08 08:41:50 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Moyea
[2011/03/25 19:01:18 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\NAVIGON Fresh
[2011/02/19 19:24:56 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Need for Speed World
[2010/11/26 16:56:57 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\NewspaperDirect
[2011/06/26 11:35:22 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Nitro PDF
[2011/04/15 21:40:40 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Nucleus Kernel BKF
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\OpenCandy
[2011/12/20 13:24:37 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Passware
[2011/01/01 13:58:19 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Publish Providers
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\QFX Software
[2011/02/18 07:54:36 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Softland
[2011/02/18 07:21:54 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Softplicity
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Soluto
[2011/12/20 13:24:39 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Sony
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\SystemRequirementsLab
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\TaskbarHelper
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\TeamViewer
[2011/12/20 13:24:41 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Thinstall
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Thunderbird
[2011/01/27 08:07:29 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Tinnes Software
[2011/06/23 16:41:29 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\TrueCrypt
[2011/02/10 18:43:31 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\TrueSwitch
[2011/02/27 21:28:36 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Unity
[2011/12/20 11:14:36 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\uTorrent
[2011/10/30 20:13:29 | 000,000,000 | -H-D | M] -- C:\Users\Kenny Diep\AppData\Roaming\wargaming.net
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\WindSolutions
[2011/12/20 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kenny Diep\AppData\Roaming\Xilisoft
[2011/12/18 00:58:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/12/18 09:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011/12/18 10:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011/12/18 11:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011/12/18 12:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011/12/18 13:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011/12/18 14:00:17 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011/12/18 15:04:40 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2011/12/18 16:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2011/12/18 17:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2011/12/18 18:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2011/12/18 01:00:28 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/12/18 19:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2011/12/18 20:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2011/12/18 21:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2011/12/17 22:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2011/12/17 23:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2011/12/18 02:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/12/18 03:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/12/18 04:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/12/18 05:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011/12/18 06:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011/12/18 07:00:25 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011/12/18 08:05:20 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2011/12/17 22:15:00 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2503263900-158799546-2591639019-1000Core.job
[2011/12/18 19:15:03 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2503263900-158799546-2591639019-1000UA.job
[2011/06/16 05:37:52 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/10/24 07:52:22 | 000,000,162 | -H-- | M] ()(C:\Users\Kenny Diep\Desktop\~$h Ph?m Thành Châu kính.docx) -- C:\Users\Kenny Diep\Desktop\~$h Phạm Thành Châu kính.docx
[2011/10/24 07:52:22 | 000,000,162 | -H-- | C] ()(C:\Users\Kenny Diep\Desktop\~$h Ph?m Thành Châu kính.docx) -- C:\Users\Kenny Diep\Desktop\~$h Phạm Thành Châu kính.docx
[2011/05/31 18:53:23 | 000,016,549 | -H-- | M] ()(C:\Users\Kenny Diep\Desktop\Trong gi? sinh h?c.docx) -- C:\Users\Kenny Diep\Desktop\Trong giờ sinh học.docx
[2011/05/31 18:53:22 | 000,016,549 | -H-- | C] ()(C:\Users\Kenny Diep\Desktop\Trong gi? sinh h?c.docx) -- C:\Users\Kenny Diep\Desktop\Trong giờ sinh học.docx
[2011/05/01 20:07:03 | 000,012,787 | -H-- | M] ()(C:\Users\Kenny Diep\Desktop\Anh Ph?m Thành Châu kính.docx) -- C:\Users\Kenny Diep\Desktop\Anh Phạm Thành Châu kính.docx
[2011/05/01 20:07:03 | 000,012,787 | -H-- | C] ()(C:\Users\Kenny Diep\Desktop\Anh Ph?m Thành Châu kính.docx) -- C:\Users\Kenny Diep\Desktop\Anh Phạm Thành Châu kính.docx
[2011/04/19 19:55:44 | 000,036,821 | -H-- | M] ()(C:\Users\Kenny Diep\Documents\truy?n PTC.docx) -- C:\Users\Kenny Diep\Documents\truyện PTC.docx
[2011/04/19 19:55:44 | 000,036,821 | -H-- | C] ()(C:\Users\Kenny Diep\Documents\truy?n PTC.docx) -- C:\Users\Kenny Diep\Documents\truyện PTC.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:890CC2F3
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:03271074
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >



Extras:

OTL Extras logfile created on: 12/20/2011 11:11:25 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kenny Diep\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.74 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 52.16% Memory free
7.48 Gb Paging File | 5.35 Gb Available in Paging File | 71.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.78 Gb Total Space | 713.20 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 14.63 Gb Total Space | 1.81 Gb Free Space | 12.35% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 304.36 Gb Free Space | 65.35% Space Free | Partition Type: NTFS
Drive I: | 103.79 Gb Total Space | 61.61 Gb Free Space | 59.36% Space Free | Partition Type: NTFS
Drive J: | 8.00 Gb Total Space | 4.82 Gb Free Space | 60.26% Space Free | Partition Type: NTFS

Computer Name: TOUCHSMART | User Name: Kenny Diep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{2078180F-0C60-11E0-8A9C-0013D3D69929}" = MSVCRT Redists
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java™ 6 Update 29 (64-bit)
"{45212F71-750F-4B98-8931-2F35DBE6B662}" = Paint.NET v3.5.7
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java™ SE Development Kit 6 Update 21 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A45DD125-3EBC-44BB-9D41-906EC7C6A8C0}" = Nitro PDF Professional
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF4CD5A3-7D69-445E-B0C0-A6A575793B94}" = Soluto
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C01488BD-D8C5-458C-BA14-0ED4073A8987}" = IE Download Helper
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"GMailFS" = GMail Drive Shell Extension
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"LibUSB-Win32_is1" = LibUSB-Win32-1.2.3.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Recuva" = Recuva

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 26
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{38F48AED-66D8-464C-993E-C7296C7A199B}" = Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BE3AEEB-268C-49F9-8B1E-B4989E90E2F9}" = Wizard101 Test
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = Vimicro USB PC Camera (ZC0301PL)
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83719FB4-D863-4511-8A5E-51D2122D2B58}" = WinAgents TFTP Server
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta
"{8DB462BD-8372-47F1-9356-210BE357B1A8}" = HP TouchSmart Default Magnets
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DB1F1933-58B6-4ACD-A7E8-ABE8CC086A07}" = System Requirements Lab for Intel
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"am-supercollapse3endless" = Super Collapse! 3 Endless
"Cisco Connect" = Cisco Connect
"Cross Fire_is1" = Cross Fire En
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"ManyCam" = ManyCam 2.6.1 (remove only)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"Plants vs. Zombies" = Plants vs. Zombies
"SmartMusic 2011a" = SmartMusic 2011a
"SpywareBlaster_is1" = SpywareBlaster 4.5
"TeamViewer 6" = TeamViewer 6
"Tribes 2" = Tribes 2
"TrueCrypt" = TrueCrypt
"Universal Extractor_is1" = Universal Extractor 1.6.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"WhiteSmoke_Bar Toolbar" = WhiteSmoke Bar Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.3.3
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2a4f70b48f669acd" = AA3Deploy
"Android Screencast" = Android Screencast
"Bitcoin" = Bitcoin
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Game Organizer" = EasyBits GO
"GCalc 3" = GCalc 3
"HuluDesktop" = Hulu Desktop
"LastPass" = LastPass (uninstall only)
"RavenBleuSA" = RavenBleu
"UnityWebPlayer" = Unity Web Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Edited by roadran, 21 December 2011 - 07:46 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP