Exploit.Drop.3 issue - is pc now okay?
01-08-2012
, 07:23 AM
OTL log
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
PRC - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/09/29 09:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\SteamNew\steam.exe
PRC - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011/01/28 16:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
PRC - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 20:48:44 | 000,411,120 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012/01/05 20:48:43 | 003,767,792 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
MOD - [2012/01/05 20:47:19 | 000,122,880 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avutil-51.dll
MOD - [2012/01/05 20:47:18 | 000,222,208 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avformat-53.dll
MOD - [2012/01/05 20:47:17 | 001,746,432 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avcodec-53.dll
MOD - [2012/01/05 20:22:11 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\libcef.dll
MOD - [2012/01/05 20:22:09 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\chromehtml.dll
MOD - [2012/01/05 20:22:07 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avutil-50.dll
MOD - [2012/01/05 20:22:05 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avformat-52.dll
MOD - [2012/01/05 20:22:03 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avcodec-52.dll
MOD - [2012/01/05 18:06:01 | 008,593,056 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
MOD - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/12 10:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/15 11:17:04 | 000,160,272 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/23 03:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 08:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/08 10:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/07 17:05:42 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/22 05:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/15 14:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 17:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/11/21 14:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 14:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 14:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/20 16:51:06 | 001,577,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2009/11/18 10:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/09/21 04:13:08 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/09/21 04:13:02 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE B9 B0 FE A6 79 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google
riginalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Steven\AppData\Local\Google\Update\1.2.18 3.39\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Brushed = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofc mglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.16_0\
CHR - Extension: Click to call with Skype = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\
CHR - Extension: Gmail = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\
O1 HOSTS File: ([2009/06/11 08:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\SteamNew\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{A5BA3154-F9A2-4471-A878-63CB7160C107}: DhcpNameServer = 203.0.178.191 203.215.29.191
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{EDF010B7-F04F-4B05-8D4A-7E857F8AF06A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL) -C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - State: "services" - Reg Error: Key error.
SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/01/08 22:15:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:45 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F23E33B4-0931-49FD-8D43-B19FDC119A1E}
[2012/01/08 10:24:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7C267E2E-DA79-41AB-B5FF-4F6B35C86C0D}
[2012/01/07 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7CD4EC60-1443-4A8A-A46F-1C9FDC38E6F4}
[2012/01/07 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FDF8F6D1-1E1A-41D9-A82A-23EE924A34B5}
[2012/01/07 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{58DD1DD4-9B28-4CCA-851E-BEEA52CA401D}
[2012/01/07 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{31E032F7-FA4E-4039-A372-BC475F661ACF}
[2012/01/06 22:00:52 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{60BBDBAB-A94B-4401-B068-742A1B81B7B1}
[2012/01/06 22:00:43 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CC2EE9E3-4A87-41E2-991A-EE15D0C0FCFB}
[2012/01/06 09:46:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{ED09061A-C65A-42F1-829C-01F9EB7DD0C6}
[2012/01/06 09:46:38 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{82078DB1-65A3-404B-BBC1-60BBD83864CA}
[2012/01/05 19:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1B25A16F-72E8-4350-8BC3-BA329CABABF5}
[2012/01/05 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{30000E12-FA09-45F7-A4E9-04E6C6C2194B}
[2012/01/04 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B021C7F2-2D62-47D4-9AEE-E706AB93C0D1}
[2012/01/04 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9A0A76AD-57EB-48A2-83C2-0C62C9FECD3C}
[2012/01/04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CBBB913F-E253-4E00-8A62-DAE02CDC9880}
[2012/01/04 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F091480-FF5B-4C5B-996D-DDF1CC1F8354}
[2012/01/04 08:13:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C4CF5D2F-ED79-43CB-8683-3A3EDA111F74}
[2012/01/03 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5818C553-30DF-4395-A565-3161DC34DBB0}
[2012/01/03 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4D9686BA-CFD6-47E9-A026-283FFBAB49B0}
[2012/01/02 20:35:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DE679968-9140-4AC6-8B35-03C384533B1D}
[2012/01/02 20:34:51 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{47408A3C-378E-4BB8-BF63-3D368026CDE3}
[2012/01/02 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FEBF1D62-25FC-4023-934A-0EA142EDF0C0}
[2012/01/01 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6551E571-9337-4866-B2FB-CE05DD6BF8BF}
[2012/01/01 18:57:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1C843F6B-F048-4F13-9160-3F541BBF19FC}
[2012/01/01 01:03:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{00D179E1-3949-4841-83DE-9C2405937BED}
[2012/01/01 01:03:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DC14EBD6-DD54-4C2E-BC28-D9B67A3B7174}
[2011/12/31 13:03:09 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1A6D012F-2A18-4A85-BC05-7F69063971E3}
[2011/12/31 13:02:59 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D719D743-2204-4158-A750-6A4DF06321BB}
[2011/12/31 12:06:49 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2B4B8541-6E5F-46E8-AE7B-E0809837E70B}
[2011/12/30 21:35:57 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7D866306-95EC-4967-8527-5C15601C5360}
[2011/12/30 21:35:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{21A64A8A-5F72-40C0-BFFD-D3CFE3B7095C}
[2011/12/30 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{19574741-F369-4A70-91FF-0CA38309BD8D}
[2011/12/30 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2A4C1F9B-FDA5-4F20-BBAA-934C07527BD9}
[2011/12/30 08:49:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CD28D9C-CC0A-4E49-91BB-7CF6D5CBCEE3}
[2011/12/29 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B3192361-93B4-47BD-B28B-16892E94DA8A}
[2011/12/29 12:46:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{98248EC4-0810-4E4B-8198-9AC1F56E6D18}
[2011/12/28 22:59:20 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9476983A-D075-4AEA-ACAB-F8DE8BBCEFEF}
[2011/12/28 22:59:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7320947D-0FAA-46ED-B93C-81E8C07329DE}
[2011/12/28 10:28:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{99E46829-DF29-44D0-9376-5CB5A158CB84}
[2011/12/28 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B59DB712-FAD7-4327-9C03-7ACEB4C8150A}
[2011/12/27 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{97E2A3C5-1CE4-4E3C-92B9-906A8EF78365}
[2011/12/27 19:02:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8E75B063-1F1A-4907-9458-74BCF80C8110}
[2011/12/27 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E3A27EFF-5E28-4B37-B067-719E534B816A}
[2011/12/26 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{49F81CAA-90E4-4648-848E-49FD0E2F4AB6}
[2011/12/26 17:05:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F1497A3-9F03-4204-9D3C-75D6A435DDEA}
[2011/12/25 08:41:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{52B2FB96-1AC3-40A7-9D88-27455684A2A8}
[2011/12/25 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{877E0857-C552-44CF-911C-9D2274121AFC}
[2011/12/24 11:02:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{24589CFD-59D0-4794-8B17-0172C9E32A1A}
[2011/12/24 11:02:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FE066499-A557-4D0E-9326-1246DDBDA654}
[2011/12/23 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CDD207E-A313-481B-A6F3-4B00615CE739}
[2011/12/23 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{BBE31AF6-2F29-430B-B888-3BAB4A697662}
[2011/12/22 19:34:31 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4A506178-225B-40A5-8A62-401E12D4A551}
[2011/12/22 19:34:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{A3B0910C-7DF2-424F-8448-316F3305E09B}
[2011/12/21 22:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/12/21 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2011/12/21 19:23:46 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{94BB1324-8BD9-48DF-A874-969A19739913}
[2011/12/21 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{83950243-37EA-43E7-B41A-C90AFF5F8882}
[2011/12/20 19:26:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{43C82058-6000-45AB-9D17-593418869DCE}
[2011/12/20 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E0B4AC08-31D1-4DB5-9FB0-BDA5C5869A1D}
[2011/12/19 18:50:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7ACDA820-30E7-4551-A5C7-ED3F823A0A14}
[2011/12/19 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8653DEC2-173D-46E4-A5B9-D962D76A8D66}
[2011/12/18 11:24:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B8342445-2195-4300-8535-8CAA8019D906}
[2011/12/18 11:24:04 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5094FBF3-DF70-44F3-8EDC-54BF9D6A2B9A}
[2011/12/18 10:45:54 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6165D492-A0E5-49F7-9C93-C8FC9F62BE47}
[2011/12/18 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{62E0A1E6-69CA-43DC-A042-28443BA85126}
[2011/12/17 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{93B64A70-8191-4E9D-AF7A-7DF5DA9081AB}
[2011/12/17 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0FBBCB6D-7F39-4EF6-B3CA-73C7336DC45A}
[2011/12/17 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{70C71BD2-023F-47BC-9BAE-91A070047E16}
[2011/12/17 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E361ED2A-FD05-4BBE-9576-5193C0278866}
[2011/12/17 13:27:18 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C7EF34DF-F20C-41A4-8389-8CEE51FFB0E2}
[2011/12/17 12:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/17 12:13:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/12/17 12:12:52 | 000,361,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA9.DLL
[2011/12/17 10:11:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{66BCCDAB-8A9C-411F-8252-B9AC8DC032EB}
[2011/12/17 10:11:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F68A3D26-6DC5-4005-9270-0F3F219D35F5}
[2011/12/16 19:32:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{452A00BA-D4DC-40A6-B0AF-0B7ED7AABFF6}
[2011/12/16 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{20BCB905-BB89-4C83-9B9A-06F1751AE7FF}
[2011/12/15 19:46:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 19:46:47 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 19:46:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:46:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:46:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:46:47 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:46:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:46:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 19:46:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 19:39:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6F3581C0-FD25-48D3-9322-983E106FF0CF}
[2011/12/15 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{75D3F22D-2DBF-4BCF-B36B-CF1BCE406A03}
[2011/12/14 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{27A26DCA-E9CD-4488-B6BC-368EDCF23250}
[2011/12/14 10:19:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{EB6A4AE1-95A0-4720-AEC3-B6E7074EEA74}
[2011/12/14 10:18:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0F45DB67-4AE2-4DCF-B36D-A52A1C80F85E}
[2011/12/13 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DD7621A9-7F3D-405D-BF00-A45F64E14C88}
[2011/12/13 21:56:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{22CD161E-BFE8-4222-BABB-352A4634C43A}
[2011/12/13 08:02:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D5766A73-4259-4BA3-B9F9-53F16F909BDE}
[2011/12/13 08:01:56 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9C0366DC-F1C1-43A8-9535-79E81F417A80}
[2011/12/12 07:58:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{12644AAD-2CE8-497C-BA4F-82EE28CB6A37}
[2011/12/12 07:58:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D585F99A-94DC-442E-8E95-89513B804BFB}
[2011/12/11 18:44:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E83BBE81-730E-4715-BD1A-D94BA39AF2FA}
[2011/12/11 18:44:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{079AD391-42B4-4BC6-8E98-956251087F62}
[2011/12/11 14:34:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7A5E7D42-B189-4796-81F6-2E529D534102}
[2011/12/10 19:38:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F6EA5728-3958-4C36-A713-34371C80D640}
[2011/12/10 19:38:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{871B0210-7957-4BB4-9693-C267640A234C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:55 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 21:22:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000UA.job
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:18:14 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/08 19:18:14 | 000,630,124 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/08 19:18:14 | 000,111,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/08 19:12:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/07 17:22:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000Core.job
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/06 18:51:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/04 23:02:47 | 000,001,463 | ---- | M] () -- C:\Users\Steven\.recently-used.xbel
[2011/12/21 22:35:33 | 000,001,858 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/16 18:11:23 | 000,322,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 23:02:47 | 000,001,463 | ---- | C] () -- C:\Users\Steven\.recently-used.xbel
[2011/11/06 11:34:02 | 000,135,252 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/09/29 17:28:54 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/28 23:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011/09/27 20:16:07 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/27 20:16:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/27 20:16:05 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/09/23 16:11:07 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 12:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/22 10:40:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/09/22 10:40:09 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/22 10:40:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/22 10:40:09 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/22 10:40:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/07/14 16:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 13:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 13:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 11:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
[2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/03 08:26:45 | 000,000,332 | ---- | M] () -- C:\lucid.log
[2012/01/08 19:12:25 | 4202,196,991 | -HS- | M] () -- C:\pagefile.sys
[2012/01/06 19:27:42 | 000,144,290 | ---- | M] () -- C:\shared.log
[2012/01/08 22:14:43 | 000,076,782 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_08.01.2012_22.11.46_log.txt
< %PROGRAMFILES%\*. >
[2011/10/03 11:27:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2011/09/23 18:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Allway Sync
[2011/09/23 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/22 10:42:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASM104xUSB3
[2011/09/28 08:22:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2011/12/24 11:19:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/10/26 17:05:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/09/29 17:00:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2011/10/27 19:43:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/09/29 17:18:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2011/10/18 09:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Geeks3D
[2011/09/29 23:33:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMP-2.0
[2011/09/23 22:43:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\In The Money
[2011/11/03 08:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/22 10:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/16 18:10:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/17 12:47:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/10/26 17:22:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/23 21:43:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KeePass Password Safe
[2012/01/08 21:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/23 16:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/09/29 19:33:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2011/09/24 11:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/23 16:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/09/23 16:49:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/10/27 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/11/03 18:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/23 18:47:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/11/11 08:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin
[2011/10/27 19:14:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games
[2011/09/29 16:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2011/11/29 21:17:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2011/09/25 19:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PostgreSQL
[2011/09/26 07:46:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2011/11/12 12:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/09/22 10:41:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/26 07:43:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RVG Software
[2011/09/26 21:31:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/29 09:26:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/01/08 20:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SteamNew
[2011/09/23 16:02:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SumatraPDF
[2011/09/25 14:42:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/26 21:32:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2011/09/22 10:41:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 15:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/01/07 11:24:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze_Remote
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/09/24 11:24:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 14:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< MD5 for: ATAPI.SYS >
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\ms hdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35 _6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 16:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87 e574ddfe652d\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa7 9dc39081d0ba\explorer.exe
[2011/02/26 17:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b033 3b22a99da332\explorer.exe
[2010/11/21 14:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f 56d3c4bcbafb\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc 4815c4e292b5\explorer.exe
[2010/11/21 14:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afda ac81905bf900\explorer.exe
< MD5 for: USERINIT.EXE >
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de30 24012ff21116\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4e bf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde9 0685eb910636\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< End of report >
EXTRAS log:
OTL Extras logfile created on: 8/01/2012 10:16:04 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.91 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 75.38% Memory free
15.83 Gb Paging File | 13.74 Gb Available in Paging File | 86.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 5.13 Gb Free Space | 4.31% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 745.27 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Defraggler" = Defraggler
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"VIRTU_is1" = VIRTU 1.2.104
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Allway Sync_is1" = Allway Sync version 11.4.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"KeePass Password Safe_is1" = KeePass Password Safe 1.20
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PunkBusterSvc" = PunkBuster Services
"SitNGoWizard" = SitNGo Wizard
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"SumatraPDF" = SumatraPDF
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373723327,2,to_timestamp('01/06/2012
05:53:04','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,8,37,46,34,39,30,375 00,0,19500,19500,37500,37500,0,0,0,2,3,False,4,0,0 ,0,11,13,13,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373749320,2,to_timestamp('01/06/2012
05:53:59','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,1,12,16,44,47,40,306 000,0,309000,309000,309000,309000,0,0,0,1,2,False, 3,0,0,0,12,12,14,2,5,2,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373770799,2,to_timestamp('01/06/2012
05:54:45','MM/DD/YYYY HH24:MI:SS'),1312,2,8,0,0,0,0,2,0,0,0,0,0,19500,0, 19500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,2,3,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373788658,2,to_timestamp('01/06/2012
05:55:26','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,0,0,0,3,24,32,3,0,0,19500, 0,19500,0,0,0,0,-1,-1,1,-1,False,-1,0,0,0,11,-1,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373802983,2,to_timestamp('01/06/2012
05:56:03','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,3,2,0,4,26,19,41,31,40,605 00,0,28500,28500,60500,0,0,0,0,2,2,False,2,0,0,0,1 3,13,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373833311,2,to_timestamp('01/06/2012
05:57:22','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,2,2,2,5,14,13,19,44,22,570 00,0,27000,57000,57000,57000,0,0,0,2,2,False,3,0,0 ,0,14,14,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373854525,2,to_timestamp('01/06/2012
05:58:16','MM/DD/YYYY HH24:MI:SS'),1312,10,8,2,2,0,0,6,12,7,40,41,0,5250 0,0,22500,52500,0,0,0,0,-1,2,2,True,-1,0,0,0,14,14,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373872402,2,to_timestamp('01/06/2012
05:59:02','MM/DD/YYYY HH24:MI:SS'),1312,10,8,0,0,0,0,7,0,0,0,0,0,12500,0 ,12500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,5,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 9:30:16 AM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.
Error - 8/01/2012 4:14:17 AM | Computer Name = Steven-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16/11/2011 3:12:33 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 12/12/2011 4:50:59 AM | Computer Name = Steven-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:50:23 PM on ?12/?12/?2011 was unexpected.
Error - 12/12/2011 5:02:01 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.797.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80072efe Error description: The connection with the server was terminated
abnormally
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 16/12/2011 3:11:25 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
< End of report >
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
PRC - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/09/29 09:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\SteamNew\steam.exe
PRC - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011/01/28 16:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
PRC - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 20:48:44 | 000,411,120 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012/01/05 20:48:43 | 003,767,792 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
MOD - [2012/01/05 20:47:19 | 000,122,880 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avutil-51.dll
MOD - [2012/01/05 20:47:18 | 000,222,208 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avformat-53.dll
MOD - [2012/01/05 20:47:17 | 001,746,432 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avcodec-53.dll
MOD - [2012/01/05 20:22:11 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\libcef.dll
MOD - [2012/01/05 20:22:09 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\chromehtml.dll
MOD - [2012/01/05 20:22:07 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avutil-50.dll
MOD - [2012/01/05 20:22:05 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avformat-52.dll
MOD - [2012/01/05 20:22:03 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avcodec-52.dll
MOD - [2012/01/05 18:06:01 | 008,593,056 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
MOD - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/12 10:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/15 11:17:04 | 000,160,272 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/23 03:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 08:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/08 10:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/07 17:05:42 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/22 05:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/15 14:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 17:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/11/21 14:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 14:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 14:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/20 16:51:06 | 001,577,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2009/11/18 10:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/09/21 04:13:08 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/09/21 04:13:02 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE B9 B0 FE A6 79 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google
riginalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Steven\AppData\Local\Google\Update\1.2.18 3.39\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Brushed = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofc mglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.16_0\
CHR - Extension: Click to call with Skype = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\
CHR - Extension: Gmail = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\
O1 HOSTS File: ([2009/06/11 08:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\SteamNew\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{A5BA3154-F9A2-4471-A878-63CB7160C107}: DhcpNameServer = 203.0.178.191 203.215.29.191
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{EDF010B7-F04F-4B05-8D4A-7E857F8AF06A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL) -C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - State: "services" - Reg Error: Key error.
SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/01/08 22:15:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:45 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F23E33B4-0931-49FD-8D43-B19FDC119A1E}
[2012/01/08 10:24:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7C267E2E-DA79-41AB-B5FF-4F6B35C86C0D}
[2012/01/07 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7CD4EC60-1443-4A8A-A46F-1C9FDC38E6F4}
[2012/01/07 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FDF8F6D1-1E1A-41D9-A82A-23EE924A34B5}
[2012/01/07 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{58DD1DD4-9B28-4CCA-851E-BEEA52CA401D}
[2012/01/07 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{31E032F7-FA4E-4039-A372-BC475F661ACF}
[2012/01/06 22:00:52 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{60BBDBAB-A94B-4401-B068-742A1B81B7B1}
[2012/01/06 22:00:43 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CC2EE9E3-4A87-41E2-991A-EE15D0C0FCFB}
[2012/01/06 09:46:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{ED09061A-C65A-42F1-829C-01F9EB7DD0C6}
[2012/01/06 09:46:38 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{82078DB1-65A3-404B-BBC1-60BBD83864CA}
[2012/01/05 19:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1B25A16F-72E8-4350-8BC3-BA329CABABF5}
[2012/01/05 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{30000E12-FA09-45F7-A4E9-04E6C6C2194B}
[2012/01/04 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B021C7F2-2D62-47D4-9AEE-E706AB93C0D1}
[2012/01/04 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9A0A76AD-57EB-48A2-83C2-0C62C9FECD3C}
[2012/01/04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CBBB913F-E253-4E00-8A62-DAE02CDC9880}
[2012/01/04 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F091480-FF5B-4C5B-996D-DDF1CC1F8354}
[2012/01/04 08:13:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C4CF5D2F-ED79-43CB-8683-3A3EDA111F74}
[2012/01/03 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5818C553-30DF-4395-A565-3161DC34DBB0}
[2012/01/03 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4D9686BA-CFD6-47E9-A026-283FFBAB49B0}
[2012/01/02 20:35:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DE679968-9140-4AC6-8B35-03C384533B1D}
[2012/01/02 20:34:51 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{47408A3C-378E-4BB8-BF63-3D368026CDE3}
[2012/01/02 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FEBF1D62-25FC-4023-934A-0EA142EDF0C0}
[2012/01/01 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6551E571-9337-4866-B2FB-CE05DD6BF8BF}
[2012/01/01 18:57:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1C843F6B-F048-4F13-9160-3F541BBF19FC}
[2012/01/01 01:03:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{00D179E1-3949-4841-83DE-9C2405937BED}
[2012/01/01 01:03:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DC14EBD6-DD54-4C2E-BC28-D9B67A3B7174}
[2011/12/31 13:03:09 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1A6D012F-2A18-4A85-BC05-7F69063971E3}
[2011/12/31 13:02:59 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D719D743-2204-4158-A750-6A4DF06321BB}
[2011/12/31 12:06:49 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2B4B8541-6E5F-46E8-AE7B-E0809837E70B}
[2011/12/30 21:35:57 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7D866306-95EC-4967-8527-5C15601C5360}
[2011/12/30 21:35:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{21A64A8A-5F72-40C0-BFFD-D3CFE3B7095C}
[2011/12/30 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{19574741-F369-4A70-91FF-0CA38309BD8D}
[2011/12/30 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2A4C1F9B-FDA5-4F20-BBAA-934C07527BD9}
[2011/12/30 08:49:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CD28D9C-CC0A-4E49-91BB-7CF6D5CBCEE3}
[2011/12/29 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B3192361-93B4-47BD-B28B-16892E94DA8A}
[2011/12/29 12:46:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{98248EC4-0810-4E4B-8198-9AC1F56E6D18}
[2011/12/28 22:59:20 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9476983A-D075-4AEA-ACAB-F8DE8BBCEFEF}
[2011/12/28 22:59:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7320947D-0FAA-46ED-B93C-81E8C07329DE}
[2011/12/28 10:28:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{99E46829-DF29-44D0-9376-5CB5A158CB84}
[2011/12/28 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B59DB712-FAD7-4327-9C03-7ACEB4C8150A}
[2011/12/27 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{97E2A3C5-1CE4-4E3C-92B9-906A8EF78365}
[2011/12/27 19:02:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8E75B063-1F1A-4907-9458-74BCF80C8110}
[2011/12/27 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E3A27EFF-5E28-4B37-B067-719E534B816A}
[2011/12/26 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{49F81CAA-90E4-4648-848E-49FD0E2F4AB6}
[2011/12/26 17:05:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F1497A3-9F03-4204-9D3C-75D6A435DDEA}
[2011/12/25 08:41:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{52B2FB96-1AC3-40A7-9D88-27455684A2A8}
[2011/12/25 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{877E0857-C552-44CF-911C-9D2274121AFC}
[2011/12/24 11:02:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{24589CFD-59D0-4794-8B17-0172C9E32A1A}
[2011/12/24 11:02:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FE066499-A557-4D0E-9326-1246DDBDA654}
[2011/12/23 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CDD207E-A313-481B-A6F3-4B00615CE739}
[2011/12/23 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{BBE31AF6-2F29-430B-B888-3BAB4A697662}
[2011/12/22 19:34:31 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4A506178-225B-40A5-8A62-401E12D4A551}
[2011/12/22 19:34:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{A3B0910C-7DF2-424F-8448-316F3305E09B}
[2011/12/21 22:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/12/21 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2011/12/21 19:23:46 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{94BB1324-8BD9-48DF-A874-969A19739913}
[2011/12/21 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{83950243-37EA-43E7-B41A-C90AFF5F8882}
[2011/12/20 19:26:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{43C82058-6000-45AB-9D17-593418869DCE}
[2011/12/20 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E0B4AC08-31D1-4DB5-9FB0-BDA5C5869A1D}
[2011/12/19 18:50:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7ACDA820-30E7-4551-A5C7-ED3F823A0A14}
[2011/12/19 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8653DEC2-173D-46E4-A5B9-D962D76A8D66}
[2011/12/18 11:24:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B8342445-2195-4300-8535-8CAA8019D906}
[2011/12/18 11:24:04 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5094FBF3-DF70-44F3-8EDC-54BF9D6A2B9A}
[2011/12/18 10:45:54 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6165D492-A0E5-49F7-9C93-C8FC9F62BE47}
[2011/12/18 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{62E0A1E6-69CA-43DC-A042-28443BA85126}
[2011/12/17 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{93B64A70-8191-4E9D-AF7A-7DF5DA9081AB}
[2011/12/17 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0FBBCB6D-7F39-4EF6-B3CA-73C7336DC45A}
[2011/12/17 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{70C71BD2-023F-47BC-9BAE-91A070047E16}
[2011/12/17 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E361ED2A-FD05-4BBE-9576-5193C0278866}
[2011/12/17 13:27:18 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C7EF34DF-F20C-41A4-8389-8CEE51FFB0E2}
[2011/12/17 12:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/17 12:13:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/12/17 12:12:52 | 000,361,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA9.DLL
[2011/12/17 10:11:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{66BCCDAB-8A9C-411F-8252-B9AC8DC032EB}
[2011/12/17 10:11:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F68A3D26-6DC5-4005-9270-0F3F219D35F5}
[2011/12/16 19:32:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{452A00BA-D4DC-40A6-B0AF-0B7ED7AABFF6}
[2011/12/16 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{20BCB905-BB89-4C83-9B9A-06F1751AE7FF}
[2011/12/15 19:46:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 19:46:47 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 19:46:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:46:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:46:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:46:47 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:46:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:46:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 19:46:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 19:39:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6F3581C0-FD25-48D3-9322-983E106FF0CF}
[2011/12/15 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{75D3F22D-2DBF-4BCF-B36B-CF1BCE406A03}
[2011/12/14 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{27A26DCA-E9CD-4488-B6BC-368EDCF23250}
[2011/12/14 10:19:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{EB6A4AE1-95A0-4720-AEC3-B6E7074EEA74}
[2011/12/14 10:18:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0F45DB67-4AE2-4DCF-B36D-A52A1C80F85E}
[2011/12/13 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DD7621A9-7F3D-405D-BF00-A45F64E14C88}
[2011/12/13 21:56:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{22CD161E-BFE8-4222-BABB-352A4634C43A}
[2011/12/13 08:02:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D5766A73-4259-4BA3-B9F9-53F16F909BDE}
[2011/12/13 08:01:56 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9C0366DC-F1C1-43A8-9535-79E81F417A80}
[2011/12/12 07:58:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{12644AAD-2CE8-497C-BA4F-82EE28CB6A37}
[2011/12/12 07:58:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D585F99A-94DC-442E-8E95-89513B804BFB}
[2011/12/11 18:44:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E83BBE81-730E-4715-BD1A-D94BA39AF2FA}
[2011/12/11 18:44:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{079AD391-42B4-4BC6-8E98-956251087F62}
[2011/12/11 14:34:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7A5E7D42-B189-4796-81F6-2E529D534102}
[2011/12/10 19:38:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F6EA5728-3958-4C36-A713-34371C80D640}
[2011/12/10 19:38:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{871B0210-7957-4BB4-9693-C267640A234C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:55 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 21:22:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000UA.job
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:18:14 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/08 19:18:14 | 000,630,124 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/08 19:18:14 | 000,111,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/08 19:12:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/07 17:22:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000Core.job
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/06 18:51:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/04 23:02:47 | 000,001,463 | ---- | M] () -- C:\Users\Steven\.recently-used.xbel
[2011/12/21 22:35:33 | 000,001,858 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/16 18:11:23 | 000,322,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 23:02:47 | 000,001,463 | ---- | C] () -- C:\Users\Steven\.recently-used.xbel
[2011/11/06 11:34:02 | 000,135,252 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/09/29 17:28:54 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/28 23:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011/09/27 20:16:07 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/27 20:16:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/27 20:16:05 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/09/23 16:11:07 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 12:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/22 10:40:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/09/22 10:40:09 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/22 10:40:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/22 10:40:09 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/22 10:40:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/07/14 16:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 13:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 13:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 11:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
[2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/03 08:26:45 | 000,000,332 | ---- | M] () -- C:\lucid.log
[2012/01/08 19:12:25 | 4202,196,991 | -HS- | M] () -- C:\pagefile.sys
[2012/01/06 19:27:42 | 000,144,290 | ---- | M] () -- C:\shared.log
[2012/01/08 22:14:43 | 000,076,782 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_08.01.2012_22.11.46_log.txt
< %PROGRAMFILES%\*. >
[2011/10/03 11:27:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2011/09/23 18:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Allway Sync
[2011/09/23 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/22 10:42:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASM104xUSB3
[2011/09/28 08:22:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2011/12/24 11:19:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/10/26 17:05:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/09/29 17:00:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2011/10/27 19:43:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/09/29 17:18:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2011/10/18 09:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Geeks3D
[2011/09/29 23:33:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMP-2.0
[2011/09/23 22:43:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\In The Money
[2011/11/03 08:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/22 10:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/16 18:10:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/17 12:47:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/10/26 17:22:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/23 21:43:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KeePass Password Safe
[2012/01/08 21:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/23 16:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/09/29 19:33:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2011/09/24 11:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/23 16:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/09/23 16:49:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/10/27 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/11/03 18:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/23 18:47:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/11/11 08:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin
[2011/10/27 19:14:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games
[2011/09/29 16:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2011/11/29 21:17:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2011/09/25 19:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PostgreSQL
[2011/09/26 07:46:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2011/11/12 12:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/09/22 10:41:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/26 07:43:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RVG Software
[2011/09/26 21:31:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/29 09:26:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/01/08 20:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SteamNew
[2011/09/23 16:02:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SumatraPDF
[2011/09/25 14:42:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/26 21:32:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2011/09/22 10:41:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 15:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/01/07 11:24:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze_Remote
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/09/24 11:24:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 14:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< MD5 for: ATAPI.SYS >
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\ms hdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35 _6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 16:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87 e574ddfe652d\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa7 9dc39081d0ba\explorer.exe
[2011/02/26 17:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b033 3b22a99da332\explorer.exe
[2010/11/21 14:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f 56d3c4bcbafb\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc 4815c4e292b5\explorer.exe
[2010/11/21 14:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afda ac81905bf900\explorer.exe
< MD5 for: USERINIT.EXE >
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de30 24012ff21116\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4e bf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde9 0685eb910636\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< End of report >
EXTRAS log:
OTL Extras logfile created on: 8/01/2012 10:16:04 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.91 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 75.38% Memory free
15.83 Gb Paging File | 13.74 Gb Available in Paging File | 86.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 5.13 Gb Free Space | 4.31% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 745.27 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Defraggler" = Defraggler
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"VIRTU_is1" = VIRTU 1.2.104
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Allway Sync_is1" = Allway Sync version 11.4.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"KeePass Password Safe_is1" = KeePass Password Safe 1.20
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PunkBusterSvc" = PunkBuster Services
"SitNGoWizard" = SitNGo Wizard
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"SumatraPDF" = SumatraPDF
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373723327,2,to_timestamp('01/06/2012
05:53:04','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,8,37,46,34,39,30,375 00,0,19500,19500,37500,37500,0,0,0,2,3,False,4,0,0 ,0,11,13,13,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373749320,2,to_timestamp('01/06/2012
05:53:59','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,1,12,16,44,47,40,306 000,0,309000,309000,309000,309000,0,0,0,1,2,False, 3,0,0,0,12,12,14,2,5,2,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373770799,2,to_timestamp('01/06/2012
05:54:45','MM/DD/YYYY HH24:MI:SS'),1312,2,8,0,0,0,0,2,0,0,0,0,0,19500,0, 19500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,2,3,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373788658,2,to_timestamp('01/06/2012
05:55:26','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,0,0,0,3,24,32,3,0,0,19500, 0,19500,0,0,0,0,-1,-1,1,-1,False,-1,0,0,0,11,-1,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373802983,2,to_timestamp('01/06/2012
05:56:03','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,3,2,0,4,26,19,41,31,40,605 00,0,28500,28500,60500,0,0,0,0,2,2,False,2,0,0,0,1 3,13,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373833311,2,to_timestamp('01/06/2012
05:57:22','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,2,2,2,5,14,13,19,44,22,570 00,0,27000,57000,57000,57000,0,0,0,2,2,False,3,0,0 ,0,14,14,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373854525,2,to_timestamp('01/06/2012
05:58:16','MM/DD/YYYY HH24:MI:SS'),1312,10,8,2,2,0,0,6,12,7,40,41,0,5250 0,0,22500,52500,0,0,0,0,-1,2,2,True,-1,0,0,0,14,14,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373872402,2,to_timestamp('01/06/2012
05:59:02','MM/DD/YYYY HH24:MI:SS'),1312,10,8,0,0,0,0,7,0,0,0,0,0,12500,0 ,12500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,5,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 9:30:16 AM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.
Error - 8/01/2012 4:14:17 AM | Computer Name = Steven-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16/11/2011 3:12:33 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 12/12/2011 4:50:59 AM | Computer Name = Steven-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:50:23 PM on ?12/?12/?2011 was unexpected.
Error - 12/12/2011 5:02:01 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.797.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80072efe Error description: The connection with the server was terminated
abnormally
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 16/12/2011 3:11:25 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
< End of report >
01-08-2012
, 07:25 AM
OTL log
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
PRC - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/09/29 09:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\SteamNew\steam.exe
PRC - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011/01/28 16:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
PRC - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 20:48:44 | 000,411,120 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012/01/05 20:48:43 | 003,767,792 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
MOD - [2012/01/05 20:47:19 | 000,122,880 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avutil-51.dll
MOD - [2012/01/05 20:47:18 | 000,222,208 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avformat-53.dll
MOD - [2012/01/05 20:47:17 | 001,746,432 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avcodec-53.dll
MOD - [2012/01/05 20:22:11 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\libcef.dll
MOD - [2012/01/05 20:22:09 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\chromehtml.dll
MOD - [2012/01/05 20:22:07 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avutil-50.dll
MOD - [2012/01/05 20:22:05 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avformat-52.dll
MOD - [2012/01/05 20:22:03 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avcodec-52.dll
MOD - [2012/01/05 18:06:01 | 008,593,056 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
MOD - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/12 10:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/15 11:17:04 | 000,160,272 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/23 03:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 08:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/08 10:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/07 17:05:42 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/22 05:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/15 14:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 17:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/11/21 14:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 14:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 14:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/20 16:51:06 | 001,577,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2009/11/18 10:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/09/21 04:13:08 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/09/21 04:13:02 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE B9 B0 FE A6 79 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{googleriginalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Steven\AppData\Local\Google\Update\1.2.18 3.39\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Brushed = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofc mglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.16_0\
CHR - Extension: Click to call with Skype = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\
CHR - Extension: Gmail = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\
O1 HOSTS File: ([2009/06/11 08:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\SteamNew\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{A5BA3154-F9A2-4471-A878-63CB7160C107}: DhcpNameServer = 203.0.178.191 203.215.29.191
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{EDF010B7-F04F-4B05-8D4A-7E857F8AF06A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL) -C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - State: "services" - Reg Error: Key error.
SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/01/08 22:15:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:45 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F23E33B4-0931-49FD-8D43-B19FDC119A1E}
[2012/01/08 10:24:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7C267E2E-DA79-41AB-B5FF-4F6B35C86C0D}
[2012/01/07 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7CD4EC60-1443-4A8A-A46F-1C9FDC38E6F4}
[2012/01/07 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FDF8F6D1-1E1A-41D9-A82A-23EE924A34B5}
[2012/01/07 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{58DD1DD4-9B28-4CCA-851E-BEEA52CA401D}
[2012/01/07 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{31E032F7-FA4E-4039-A372-BC475F661ACF}
[2012/01/06 22:00:52 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{60BBDBAB-A94B-4401-B068-742A1B81B7B1}
[2012/01/06 22:00:43 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CC2EE9E3-4A87-41E2-991A-EE15D0C0FCFB}
[2012/01/06 09:46:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{ED09061A-C65A-42F1-829C-01F9EB7DD0C6}
[2012/01/06 09:46:38 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{82078DB1-65A3-404B-BBC1-60BBD83864CA}
[2012/01/05 19:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1B25A16F-72E8-4350-8BC3-BA329CABABF5}
[2012/01/05 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{30000E12-FA09-45F7-A4E9-04E6C6C2194B}
[2012/01/04 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B021C7F2-2D62-47D4-9AEE-E706AB93C0D1}
[2012/01/04 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9A0A76AD-57EB-48A2-83C2-0C62C9FECD3C}
[2012/01/04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CBBB913F-E253-4E00-8A62-DAE02CDC9880}
[2012/01/04 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F091480-FF5B-4C5B-996D-DDF1CC1F8354}
[2012/01/04 08:13:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C4CF5D2F-ED79-43CB-8683-3A3EDA111F74}
[2012/01/03 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5818C553-30DF-4395-A565-3161DC34DBB0}
[2012/01/03 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4D9686BA-CFD6-47E9-A026-283FFBAB49B0}
[2012/01/02 20:35:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DE679968-9140-4AC6-8B35-03C384533B1D}
[2012/01/02 20:34:51 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{47408A3C-378E-4BB8-BF63-3D368026CDE3}
[2012/01/02 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FEBF1D62-25FC-4023-934A-0EA142EDF0C0}
[2012/01/01 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6551E571-9337-4866-B2FB-CE05DD6BF8BF}
[2012/01/01 18:57:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1C843F6B-F048-4F13-9160-3F541BBF19FC}
[2012/01/01 01:03:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{00D179E1-3949-4841-83DE-9C2405937BED}
[2012/01/01 01:03:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DC14EBD6-DD54-4C2E-BC28-D9B67A3B7174}
[2011/12/31 13:03:09 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1A6D012F-2A18-4A85-BC05-7F69063971E3}
[2011/12/31 13:02:59 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D719D743-2204-4158-A750-6A4DF06321BB}
[2011/12/31 12:06:49 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2B4B8541-6E5F-46E8-AE7B-E0809837E70B}
[2011/12/30 21:35:57 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7D866306-95EC-4967-8527-5C15601C5360}
[2011/12/30 21:35:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{21A64A8A-5F72-40C0-BFFD-D3CFE3B7095C}
[2011/12/30 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{19574741-F369-4A70-91FF-0CA38309BD8D}
[2011/12/30 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2A4C1F9B-FDA5-4F20-BBAA-934C07527BD9}
[2011/12/30 08:49:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CD28D9C-CC0A-4E49-91BB-7CF6D5CBCEE3}
[2011/12/29 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B3192361-93B4-47BD-B28B-16892E94DA8A}
[2011/12/29 12:46:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{98248EC4-0810-4E4B-8198-9AC1F56E6D18}
[2011/12/28 22:59:20 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9476983A-D075-4AEA-ACAB-F8DE8BBCEFEF}
[2011/12/28 22:59:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7320947D-0FAA-46ED-B93C-81E8C07329DE}
[2011/12/28 10:28:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{99E46829-DF29-44D0-9376-5CB5A158CB84}
[2011/12/28 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B59DB712-FAD7-4327-9C03-7ACEB4C8150A}
[2011/12/27 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{97E2A3C5-1CE4-4E3C-92B9-906A8EF78365}
[2011/12/27 19:02:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8E75B063-1F1A-4907-9458-74BCF80C8110}
[2011/12/27 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E3A27EFF-5E28-4B37-B067-719E534B816A}
[2011/12/26 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{49F81CAA-90E4-4648-848E-49FD0E2F4AB6}
[2011/12/26 17:05:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F1497A3-9F03-4204-9D3C-75D6A435DDEA}
[2011/12/25 08:41:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{52B2FB96-1AC3-40A7-9D88-27455684A2A8}
[2011/12/25 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{877E0857-C552-44CF-911C-9D2274121AFC}
[2011/12/24 11:02:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{24589CFD-59D0-4794-8B17-0172C9E32A1A}
[2011/12/24 11:02:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FE066499-A557-4D0E-9326-1246DDBDA654}
[2011/12/23 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CDD207E-A313-481B-A6F3-4B00615CE739}
[2011/12/23 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{BBE31AF6-2F29-430B-B888-3BAB4A697662}
[2011/12/22 19:34:31 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4A506178-225B-40A5-8A62-401E12D4A551}
[2011/12/22 19:34:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{A3B0910C-7DF2-424F-8448-316F3305E09B}
[2011/12/21 22:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/12/21 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2011/12/21 19:23:46 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{94BB1324-8BD9-48DF-A874-969A19739913}
[2011/12/21 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{83950243-37EA-43E7-B41A-C90AFF5F8882}
[2011/12/20 19:26:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{43C82058-6000-45AB-9D17-593418869DCE}
[2011/12/20 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E0B4AC08-31D1-4DB5-9FB0-BDA5C5869A1D}
[2011/12/19 18:50:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7ACDA820-30E7-4551-A5C7-ED3F823A0A14}
[2011/12/19 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8653DEC2-173D-46E4-A5B9-D962D76A8D66}
[2011/12/18 11:24:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B8342445-2195-4300-8535-8CAA8019D906}
[2011/12/18 11:24:04 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5094FBF3-DF70-44F3-8EDC-54BF9D6A2B9A}
[2011/12/18 10:45:54 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6165D492-A0E5-49F7-9C93-C8FC9F62BE47}
[2011/12/18 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{62E0A1E6-69CA-43DC-A042-28443BA85126}
[2011/12/17 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{93B64A70-8191-4E9D-AF7A-7DF5DA9081AB}
[2011/12/17 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0FBBCB6D-7F39-4EF6-B3CA-73C7336DC45A}
[2011/12/17 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{70C71BD2-023F-47BC-9BAE-91A070047E16}
[2011/12/17 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E361ED2A-FD05-4BBE-9576-5193C0278866}
[2011/12/17 13:27:18 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C7EF34DF-F20C-41A4-8389-8CEE51FFB0E2}
[2011/12/17 12:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/17 12:13:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/12/17 12:12:52 | 000,361,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA9.DLL
[2011/12/17 10:11:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{66BCCDAB-8A9C-411F-8252-B9AC8DC032EB}
[2011/12/17 10:11:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F68A3D26-6DC5-4005-9270-0F3F219D35F5}
[2011/12/16 19:32:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{452A00BA-D4DC-40A6-B0AF-0B7ED7AABFF6}
[2011/12/16 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{20BCB905-BB89-4C83-9B9A-06F1751AE7FF}
[2011/12/15 19:46:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 19:46:47 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 19:46:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:46:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:46:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:46:47 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:46:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:46:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 19:46:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 19:39:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6F3581C0-FD25-48D3-9322-983E106FF0CF}
[2011/12/15 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{75D3F22D-2DBF-4BCF-B36B-CF1BCE406A03}
[2011/12/14 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{27A26DCA-E9CD-4488-B6BC-368EDCF23250}
[2011/12/14 10:19:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{EB6A4AE1-95A0-4720-AEC3-B6E7074EEA74}
[2011/12/14 10:18:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0F45DB67-4AE2-4DCF-B36D-A52A1C80F85E}
[2011/12/13 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DD7621A9-7F3D-405D-BF00-A45F64E14C88}
[2011/12/13 21:56:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{22CD161E-BFE8-4222-BABB-352A4634C43A}
[2011/12/13 08:02:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D5766A73-4259-4BA3-B9F9-53F16F909BDE}
[2011/12/13 08:01:56 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9C0366DC-F1C1-43A8-9535-79E81F417A80}
[2011/12/12 07:58:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{12644AAD-2CE8-497C-BA4F-82EE28CB6A37}
[2011/12/12 07:58:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D585F99A-94DC-442E-8E95-89513B804BFB}
[2011/12/11 18:44:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E83BBE81-730E-4715-BD1A-D94BA39AF2FA}
[2011/12/11 18:44:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{079AD391-42B4-4BC6-8E98-956251087F62}
[2011/12/11 14:34:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7A5E7D42-B189-4796-81F6-2E529D534102}
[2011/12/10 19:38:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F6EA5728-3958-4C36-A713-34371C80D640}
[2011/12/10 19:38:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{871B0210-7957-4BB4-9693-C267640A234C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:55 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 21:22:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000UA.job
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:18:14 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/08 19:18:14 | 000,630,124 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/08 19:18:14 | 000,111,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/08 19:12:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/07 17:22:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000Core.job
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/06 18:51:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/04 23:02:47 | 000,001,463 | ---- | M] () -- C:\Users\Steven\.recently-used.xbel
[2011/12/21 22:35:33 | 000,001,858 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/16 18:11:23 | 000,322,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 23:02:47 | 000,001,463 | ---- | C] () -- C:\Users\Steven\.recently-used.xbel
[2011/11/06 11:34:02 | 000,135,252 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/09/29 17:28:54 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/28 23:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011/09/27 20:16:07 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/27 20:16:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/27 20:16:05 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/09/23 16:11:07 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 12:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/22 10:40:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/09/22 10:40:09 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/22 10:40:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/22 10:40:09 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/22 10:40:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/07/14 16:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 13:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 13:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 11:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
[2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/03 08:26:45 | 000,000,332 | ---- | M] () -- C:\lucid.log
[2012/01/08 19:12:25 | 4202,196,991 | -HS- | M] () -- C:\pagefile.sys
[2012/01/06 19:27:42 | 000,144,290 | ---- | M] () -- C:\shared.log
[2012/01/08 22:14:43 | 000,076,782 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_08.01.2012_22.11.46_log.txt
< %PROGRAMFILES%\*. >
[2011/10/03 11:27:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2011/09/23 18:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Allway Sync
[2011/09/23 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/22 10:42:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASM104xUSB3
[2011/09/28 08:22:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2011/12/24 11:19:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/10/26 17:05:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/09/29 17:00:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2011/10/27 19:43:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/09/29 17:18:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2011/10/18 09:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Geeks3D
[2011/09/29 23:33:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMP-2.0
[2011/09/23 22:43:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\In The Money
[2011/11/03 08:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/22 10:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/16 18:10:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/17 12:47:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/10/26 17:22:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/23 21:43:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KeePass Password Safe
[2012/01/08 21:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/23 16:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/09/29 19:33:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2011/09/24 11:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/23 16:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/09/23 16:49:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/10/27 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/11/03 18:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/23 18:47:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/11/11 08:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin
[2011/10/27 19:14:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games
[2011/09/29 16:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2011/11/29 21:17:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2011/09/25 19:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PostgreSQL
[2011/09/26 07:46:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2011/11/12 12:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/09/22 10:41:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/26 07:43:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RVG Software
[2011/09/26 21:31:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/29 09:26:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/01/08 20:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SteamNew
[2011/09/23 16:02:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SumatraPDF
[2011/09/25 14:42:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/26 21:32:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2011/09/22 10:41:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 15:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/01/07 11:24:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze_Remote
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/09/24 11:24:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 14:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< MD5 for: ATAPI.SYS >
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\ms hdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35 _6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 16:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87 e574ddfe652d\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa7 9dc39081d0ba\explorer.exe
[2011/02/26 17:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b033 3b22a99da332\explorer.exe
[2010/11/21 14:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f 56d3c4bcbafb\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc 4815c4e292b5\explorer.exe
[2010/11/21 14:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afda ac81905bf900\explorer.exe
< MD5 for: USERINIT.EXE >
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de30 24012ff21116\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4e bf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde9 0685eb910636\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< End of report >
EXTRAS log:
OTL Extras logfile created on: 8/01/2012 10:16:04 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.91 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 75.38% Memory free
15.83 Gb Paging File | 13.74 Gb Available in Paging File | 86.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 5.13 Gb Free Space | 4.31% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 745.27 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Defraggler" = Defraggler
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"VIRTU_is1" = VIRTU 1.2.104
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Allway Sync_is1" = Allway Sync version 11.4.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"KeePass Password Safe_is1" = KeePass Password Safe 1.20
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PunkBusterSvc" = PunkBuster Services
"SitNGoWizard" = SitNGo Wizard
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"SumatraPDF" = SumatraPDF
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373723327,2,to_timestamp('01/06/2012
05:53:04','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,8,37,46,34,39,30,375 00,0,19500,19500,37500,37500,0,0,0,2,3,False,4,0,0 ,0,11,13,13,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373749320,2,to_timestamp('01/06/2012
05:53:59','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,1,12,16,44,47,40,306 000,0,309000,309000,309000,309000,0,0,0,1,2,False, 3,0,0,0,12,12,14,2,5,2,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373770799,2,to_timestamp('01/06/2012
05:54:45','MM/DD/YYYY HH24:MI:SS'),1312,2,8,0,0,0,0,2,0,0,0,0,0,19500,0, 19500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,2,3,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373788658,2,to_timestamp('01/06/2012
05:55:26','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,0,0,0,3,24,32,3,0,0,19500, 0,19500,0,0,0,0,-1,-1,1,-1,False,-1,0,0,0,11,-1,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373802983,2,to_timestamp('01/06/2012
05:56:03','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,3,2,0,4,26,19,41,31,40,605 00,0,28500,28500,60500,0,0,0,0,2,2,False,2,0,0,0,1 3,13,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373833311,2,to_timestamp('01/06/2012
05:57:22','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,2,2,2,5,14,13,19,44,22,570 00,0,27000,57000,57000,57000,0,0,0,2,2,False,3,0,0 ,0,14,14,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373854525,2,to_timestamp('01/06/2012
05:58:16','MM/DD/YYYY HH24:MI:SS'),1312,10,8,2,2,0,0,6,12,7,40,41,0,5250 0,0,22500,52500,0,0,0,0,-1,2,2,True,-1,0,0,0,14,14,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373872402,2,to_timestamp('01/06/2012
05:59:02','MM/DD/YYYY HH24:MI:SS'),1312,10,8,0,0,0,0,7,0,0,0,0,0,12500,0 ,12500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,5,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 9:30:16 AM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.
Error - 8/01/2012 4:14:17 AM | Computer Name = Steven-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16/11/2011 3:12:33 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 12/12/2011 4:50:59 AM | Computer Name = Steven-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:50:23 PM on ?12/?12/?2011 was unexpected.
Error - 12/12/2011 5:02:01 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.797.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80072efe Error description: The connection with the server was terminated
abnormally
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 16/12/2011 3:11:25 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
< End of report >
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
PRC - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/09/29 09:31:55 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\SteamNew\steam.exe
PRC - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011/01/28 16:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
PRC - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 20:48:44 | 000,411,120 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012/01/05 20:48:43 | 003,767,792 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
MOD - [2012/01/05 20:47:19 | 000,122,880 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avutil-51.dll
MOD - [2012/01/05 20:47:18 | 000,222,208 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avformat-53.dll
MOD - [2012/01/05 20:47:17 | 001,746,432 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\avcodec-53.dll
MOD - [2012/01/05 20:22:11 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\libcef.dll
MOD - [2012/01/05 20:22:09 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\chromehtml.dll
MOD - [2012/01/05 20:22:07 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avutil-50.dll
MOD - [2012/01/05 20:22:05 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avformat-52.dll
MOD - [2012/01/05 20:22:03 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\SteamNew\bin\avcodec-52.dll
MOD - [2012/01/05 18:06:01 | 008,593,056 | ---- | M] () -- C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/29 17:00:12 | 000,966,656 | ---- | M] () -- C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe
MOD - [2007/11/15 05:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/12 10:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 12:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/15 11:17:04 | 000,160,272 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/01/05 20:54:35 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/05 20:22:11 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/22 12:29:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011/02/22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011/01/28 16:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 08:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/23 03:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/13 08:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/08 10:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/07/07 17:05:42 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/22 05:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/15 14:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 17:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 17:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010/11/21 14:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 14:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 14:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/10/20 16:51:06 | 001,577,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2009/11/18 10:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 12:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 12:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 12:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 07:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 07:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 07:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 07:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/09/21 04:13:08 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/09/21 04:13:02 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE B9 B0 FE A6 79 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steven\AppData\Local\Google\Update\1.3.21 .79\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:accepte dSuggestion}{google
riginalQueryForSuggestion}{go ogle:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEnco ding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldt rialParameter}{google:instantFieldTrialGroupParame ter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Steven\AppData\Local\Google\Chrome\Applic ation\16.0.912.75\pdf.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Steven\AppData\Local\Google\Update\1.2.18 3.39\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Brushed = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofc mglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf\0.0.0.16_0\
CHR - Extension: Click to call with Skype = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl\5.6.0.8153_0\
CHR - Extension: Gmail = C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia\7_0\
O1 HOSTS File: ([2009/06/11 08:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\Steven\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\SteamNew\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{A5BA3154-F9A2-4471-A878-63CB7160C107}: DhcpNameServer = 203.0.178.191 203.215.29.191
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{EDF010B7-F04F-4B05-8D4A-7E857F8AF06A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL) - C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL) -C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - State: "services" - Reg Error: Key error.
SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/01/08 22:15:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:45 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 10:25:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F23E33B4-0931-49FD-8D43-B19FDC119A1E}
[2012/01/08 10:24:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7C267E2E-DA79-41AB-B5FF-4F6B35C86C0D}
[2012/01/07 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7CD4EC60-1443-4A8A-A46F-1C9FDC38E6F4}
[2012/01/07 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FDF8F6D1-1E1A-41D9-A82A-23EE924A34B5}
[2012/01/07 19:51:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{58DD1DD4-9B28-4CCA-851E-BEEA52CA401D}
[2012/01/07 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{31E032F7-FA4E-4039-A372-BC475F661ACF}
[2012/01/06 22:00:52 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{60BBDBAB-A94B-4401-B068-742A1B81B7B1}
[2012/01/06 22:00:43 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CC2EE9E3-4A87-41E2-991A-EE15D0C0FCFB}
[2012/01/06 09:46:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{ED09061A-C65A-42F1-829C-01F9EB7DD0C6}
[2012/01/06 09:46:38 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{82078DB1-65A3-404B-BBC1-60BBD83864CA}
[2012/01/05 19:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1B25A16F-72E8-4350-8BC3-BA329CABABF5}
[2012/01/05 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{30000E12-FA09-45F7-A4E9-04E6C6C2194B}
[2012/01/04 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B021C7F2-2D62-47D4-9AEE-E706AB93C0D1}
[2012/01/04 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9A0A76AD-57EB-48A2-83C2-0C62C9FECD3C}
[2012/01/04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{CBBB913F-E253-4E00-8A62-DAE02CDC9880}
[2012/01/04 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F091480-FF5B-4C5B-996D-DDF1CC1F8354}
[2012/01/04 08:13:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C4CF5D2F-ED79-43CB-8683-3A3EDA111F74}
[2012/01/03 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5818C553-30DF-4395-A565-3161DC34DBB0}
[2012/01/03 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4D9686BA-CFD6-47E9-A026-283FFBAB49B0}
[2012/01/02 20:35:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DE679968-9140-4AC6-8B35-03C384533B1D}
[2012/01/02 20:34:51 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{47408A3C-378E-4BB8-BF63-3D368026CDE3}
[2012/01/02 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FEBF1D62-25FC-4023-934A-0EA142EDF0C0}
[2012/01/01 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6551E571-9337-4866-B2FB-CE05DD6BF8BF}
[2012/01/01 18:57:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1C843F6B-F048-4F13-9160-3F541BBF19FC}
[2012/01/01 01:03:34 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{00D179E1-3949-4841-83DE-9C2405937BED}
[2012/01/01 01:03:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DC14EBD6-DD54-4C2E-BC28-D9B67A3B7174}
[2011/12/31 13:03:09 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{1A6D012F-2A18-4A85-BC05-7F69063971E3}
[2011/12/31 13:02:59 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D719D743-2204-4158-A750-6A4DF06321BB}
[2011/12/31 12:06:49 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2B4B8541-6E5F-46E8-AE7B-E0809837E70B}
[2011/12/30 21:35:57 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7D866306-95EC-4967-8527-5C15601C5360}
[2011/12/30 21:35:47 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{21A64A8A-5F72-40C0-BFFD-D3CFE3B7095C}
[2011/12/30 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{19574741-F369-4A70-91FF-0CA38309BD8D}
[2011/12/30 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{2A4C1F9B-FDA5-4F20-BBAA-934C07527BD9}
[2011/12/30 08:49:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CD28D9C-CC0A-4E49-91BB-7CF6D5CBCEE3}
[2011/12/29 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B3192361-93B4-47BD-B28B-16892E94DA8A}
[2011/12/29 12:46:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{98248EC4-0810-4E4B-8198-9AC1F56E6D18}
[2011/12/28 22:59:20 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9476983A-D075-4AEA-ACAB-F8DE8BBCEFEF}
[2011/12/28 22:59:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7320947D-0FAA-46ED-B93C-81E8C07329DE}
[2011/12/28 10:28:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{99E46829-DF29-44D0-9376-5CB5A158CB84}
[2011/12/28 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B59DB712-FAD7-4327-9C03-7ACEB4C8150A}
[2011/12/27 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{97E2A3C5-1CE4-4E3C-92B9-906A8EF78365}
[2011/12/27 19:02:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8E75B063-1F1A-4907-9458-74BCF80C8110}
[2011/12/27 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E3A27EFF-5E28-4B37-B067-719E534B816A}
[2011/12/26 17:05:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{49F81CAA-90E4-4648-848E-49FD0E2F4AB6}
[2011/12/26 17:05:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5F1497A3-9F03-4204-9D3C-75D6A435DDEA}
[2011/12/25 08:41:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{52B2FB96-1AC3-40A7-9D88-27455684A2A8}
[2011/12/25 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{877E0857-C552-44CF-911C-9D2274121AFC}
[2011/12/24 11:02:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{24589CFD-59D0-4794-8B17-0172C9E32A1A}
[2011/12/24 11:02:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{FE066499-A557-4D0E-9326-1246DDBDA654}
[2011/12/23 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9CDD207E-A313-481B-A6F3-4B00615CE739}
[2011/12/23 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{BBE31AF6-2F29-430B-B888-3BAB4A697662}
[2011/12/22 19:34:31 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{4A506178-225B-40A5-8A62-401E12D4A551}
[2011/12/22 19:34:21 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{A3B0910C-7DF2-424F-8448-316F3305E09B}
[2011/12/21 22:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/12/21 22:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2011/12/21 19:23:46 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{94BB1324-8BD9-48DF-A874-969A19739913}
[2011/12/21 19:23:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{83950243-37EA-43E7-B41A-C90AFF5F8882}
[2011/12/20 19:26:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{43C82058-6000-45AB-9D17-593418869DCE}
[2011/12/20 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E0B4AC08-31D1-4DB5-9FB0-BDA5C5869A1D}
[2011/12/19 18:50:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7ACDA820-30E7-4551-A5C7-ED3F823A0A14}
[2011/12/19 18:50:30 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{8653DEC2-173D-46E4-A5B9-D962D76A8D66}
[2011/12/18 11:24:14 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{B8342445-2195-4300-8535-8CAA8019D906}
[2011/12/18 11:24:04 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{5094FBF3-DF70-44F3-8EDC-54BF9D6A2B9A}
[2011/12/18 10:45:54 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6165D492-A0E5-49F7-9C93-C8FC9F62BE47}
[2011/12/18 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{62E0A1E6-69CA-43DC-A042-28443BA85126}
[2011/12/17 22:17:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{93B64A70-8191-4E9D-AF7A-7DF5DA9081AB}
[2011/12/17 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0FBBCB6D-7F39-4EF6-B3CA-73C7336DC45A}
[2011/12/17 21:35:55 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{70C71BD2-023F-47BC-9BAE-91A070047E16}
[2011/12/17 21:35:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E361ED2A-FD05-4BBE-9576-5193C0278866}
[2011/12/17 13:27:18 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{C7EF34DF-F20C-41A4-8389-8CEE51FFB0E2}
[2011/12/17 12:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/12/17 12:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/17 12:13:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/12/17 12:12:52 | 000,361,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA9.DLL
[2011/12/17 10:11:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{66BCCDAB-8A9C-411F-8252-B9AC8DC032EB}
[2011/12/17 10:11:01 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F68A3D26-6DC5-4005-9270-0F3F219D35F5}
[2011/12/16 19:32:10 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{452A00BA-D4DC-40A6-B0AF-0B7ED7AABFF6}
[2011/12/16 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{20BCB905-BB89-4C83-9B9A-06F1751AE7FF}
[2011/12/15 19:46:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 19:46:47 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/15 19:46:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/15 19:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/15 19:46:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/15 19:46:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/15 19:46:47 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/15 19:46:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/15 19:46:30 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 19:46:30 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 19:39:26 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{6F3581C0-FD25-48D3-9322-983E106FF0CF}
[2011/12/15 19:39:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{75D3F22D-2DBF-4BCF-B36B-CF1BCE406A03}
[2011/12/14 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{27A26DCA-E9CD-4488-B6BC-368EDCF23250}
[2011/12/14 10:19:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{EB6A4AE1-95A0-4720-AEC3-B6E7074EEA74}
[2011/12/14 10:18:50 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{0F45DB67-4AE2-4DCF-B36D-A52A1C80F85E}
[2011/12/13 21:56:24 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{DD7621A9-7F3D-405D-BF00-A45F64E14C88}
[2011/12/13 21:56:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{22CD161E-BFE8-4222-BABB-352A4634C43A}
[2011/12/13 08:02:06 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D5766A73-4259-4BA3-B9F9-53F16F909BDE}
[2011/12/13 08:01:56 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{9C0366DC-F1C1-43A8-9535-79E81F417A80}
[2011/12/12 07:58:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{12644AAD-2CE8-497C-BA4F-82EE28CB6A37}
[2011/12/12 07:58:02 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{D585F99A-94DC-442E-8E95-89513B804BFB}
[2011/12/11 18:44:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{E83BBE81-730E-4715-BD1A-D94BA39AF2FA}
[2011/12/11 18:44:48 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{079AD391-42B4-4BC6-8E98-956251087F62}
[2011/12/11 14:34:37 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{7A5E7D42-B189-4796-81F6-2E529D534102}
[2011/12/10 19:38:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{F6EA5728-3958-4C36-A713-34371C80D640}
[2011/12/10 19:38:32 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\{871B0210-7957-4BB4-9693-C267640A234C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/08 22:15:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2012/01/08 22:10:55 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steven\Desktop\tdsskiller.exe
[2012/01/08 21:22:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000UA.job
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:19:23 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 19:18:14 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/08 19:18:14 | 000,630,124 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/08 19:18:14 | 000,111,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/08 19:12:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/07 17:22:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3868205673-4145250909-3193622130-1000Core.job
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/06 18:51:33 | 000,281,880 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/06 18:51:21 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/05 20:54:35 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/04 23:02:47 | 000,001,463 | ---- | M] () -- C:\Users\Steven\.recently-used.xbel
[2011/12/21 22:35:33 | 000,001,858 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/12/16 18:11:23 | 000,322,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/04 23:02:47 | 000,001,463 | ---- | C] () -- C:\Users\Steven\.recently-used.xbel
[2011/11/06 11:34:02 | 000,135,252 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/09/29 17:28:54 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/28 23:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011/09/27 20:16:07 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/27 20:16:06 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/27 20:16:05 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/09/23 16:11:07 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 12:29:58 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/22 10:40:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/09/22 10:40:09 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/22 10:40:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/22 10:40:09 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/22 10:40:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/07/14 16:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 13:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 13:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 11:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 10:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 08:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 08:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
[2009/07/14 12:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2012/01/08 19:12:23 | 2077,904,895 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/03 08:26:45 | 000,000,332 | ---- | M] () -- C:\lucid.log
[2012/01/08 19:12:25 | 4202,196,991 | -HS- | M] () -- C:\pagefile.sys
[2012/01/06 19:27:42 | 000,144,290 | ---- | M] () -- C:\shared.log
[2012/01/08 22:14:43 | 000,076,782 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_08.01.2012_22.11.46_log.txt
< %PROGRAMFILES%\*. >
[2011/10/03 11:27:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\7-Zip
[2011/09/23 18:06:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Allway Sync
[2011/09/23 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/22 10:42:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASM104xUSB3
[2011/09/28 08:22:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2011/12/24 11:19:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/10/26 17:05:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/09/29 17:00:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Canon
[2011/10/27 19:43:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/09/29 17:18:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2011/10/18 09:46:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Geeks3D
[2011/09/29 23:33:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMP-2.0
[2011/09/23 22:43:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\In The Money
[2011/11/03 08:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/22 10:41:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/12/16 18:10:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/17 12:47:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/10/26 17:22:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/23 21:43:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\KeePass Password Safe
[2012/01/08 21:33:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/23 16:10:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/09/29 19:33:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2011/09/24 11:24:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/23 16:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/09/23 16:49:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/10/27 19:02:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/11/03 18:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/23 18:47:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/11/11 08:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin
[2011/10/27 19:14:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games
[2011/09/29 16:51:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2011/11/29 21:17:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2011/09/25 19:35:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PostgreSQL
[2011/09/26 07:46:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PSQLINSTALL
[2011/11/12 12:42:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/09/22 10:41:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/26 07:43:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RVG Software
[2011/09/26 21:31:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/29 09:26:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2012/01/08 20:13:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SteamNew
[2011/09/23 16:02:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SumatraPDF
[2011/09/25 14:42:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/26 21:32:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2011/09/22 10:41:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 15:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/01/07 11:24:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze
[2011/12/21 22:34:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vuze_Remote
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/09/24 11:24:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 16:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 14:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
< MD5 for: ATAPI.SYS >
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\ms hdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 12:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35 _6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 16:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87 e574ddfe652d\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 17:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa7 9dc39081d0ba\explorer.exe
[2011/02/26 17:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b033 3b22a99da332\explorer.exe
[2010/11/21 14:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f 56d3c4bcbafb\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 16:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc 4815c4e292b5\explorer.exe
[2010/11/21 14:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afda ac81905bf900\explorer.exe
< MD5 for: USERINIT.EXE >
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 14:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de30 24012ff21116\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 14:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4e bf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 14:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde9 0685eb910636\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< End of report >
EXTRAS log:
OTL Extras logfile created on: 8/01/2012 10:16:04 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.91 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 75.38% Memory free
15.83 Gb Paging File | 13.74 Gb Available in Paging File | 86.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 5.13 Gb Free Space | 4.31% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 745.27 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.38
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Defraggler" = Defraggler
"HoldemManager" = Holdem Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"VIRTU_is1" = VIRTU 1.2.104
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A3A9522-EFA2-4C56-9138-101692C2A130}" = System Requirements Lab
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1E58B969-9BB4-4012-8D8B-D06005D1CD24}" = TP-LINK Wireless Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Allway Sync_is1" = Allway Sync version 11.4.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"KeePass Password Safe_is1" = KeePass Password Safe 1.20
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"PunkBusterSvc" = PunkBuster Services
"SitNGoWizard" = SitNGo Wizard
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"SumatraPDF" = SumatraPDF
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
"Flux" = F.lux
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373723327,2,to_timestamp('01/06/2012
05:53:04','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,8,37,46,34,39,30,375 00,0,19500,19500,37500,37500,0,0,0,2,3,False,4,0,0 ,0,11,13,13,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373749320,2,to_timestamp('01/06/2012
05:53:59','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,2,2,2,1,12,16,44,47,40,306 000,0,309000,309000,309000,309000,0,0,0,1,2,False, 3,0,0,0,12,12,14,2,5,2,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373770799,2,to_timestamp('01/06/2012
05:54:45','MM/DD/YYYY HH24:MI:SS'),1312,2,8,0,0,0,0,2,0,0,0,0,0,19500,0, 19500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,2,3,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373788658,2,to_timestamp('01/06/2012
05:55:26','MM/DD/YYYY HH24:MI:SS'),1312,2,8,2,0,0,0,3,24,32,3,0,0,19500, 0,19500,0,0,0,0,-1,-1,1,-1,False,-1,0,0,0,11,-1,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373802983,2,to_timestamp('01/06/2012
05:56:03','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,3,2,0,4,26,19,41,31,40,605 00,0,28500,28500,60500,0,0,0,0,2,2,False,2,0,0,0,1 3,13,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373833311,2,to_timestamp('01/06/2012
05:57:22','MM/DD/YYYY HH24:MI:SS'),1312,2,8,3,2,2,2,5,14,13,19,44,22,570 00,0,27000,57000,57000,57000,0,0,0,2,2,False,3,0,0 ,0,14,14,14,-1,3,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373854525,2,to_timestamp('01/06/2012
05:58:16','MM/DD/YYYY HH24:MI:SS'),1312,10,8,2,2,0,0,6,12,7,40,41,0,5250 0,0,22500,52500,0,0,0,0,-1,2,2,True,-1,0,0,0,14,14,-1,-1,4,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 6:55:20 AM | Computer Name = Steven-PC | Source = PostgreSQL | ID = 0
Description = 2012-01-07 21:55:20 ESTERROR: duplicate key value violates unique
constraint "uniqueserial" 2012-01-07 21:55:20 ESTSTATEMENT: EXECUTE PKHEXECUTE(73373872402,2,to_timestamp('01/06/2012
05:59:02','MM/DD/YYYY HH24:MI:SS'),1312,10,8,0,0,0,0,7,0,0,0,0,0,12500,0 ,12500,0,0,0,-1,-1,-1,-1,-1,False,-1,0,0,0,-1,-1,-1,-1,5,-1,0);
select currval('pokerhands_pokerhand_id_seq')
Error - 7/01/2012 9:30:16 AM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "c:\program files\microsoft
security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft
security client\MSESysprep.dll" on line 10. The element imaging appears as a child
of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by
this version of Windows.
Error - 8/01/2012 4:14:17 AM | Computer Name = Steven-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16/11/2011 3:12:33 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 20/11/2011 4:00:16 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 12/12/2011 4:50:59 AM | Computer Name = Steven-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:50:23 PM on ?12/?12/?2011 was unexpected.
Error - 12/12/2011 5:02:01 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.117.797.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error
code: 0x80072efe Error description: The connection with the server was terminated
abnormally
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 12/12/2011 6:13:19 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 16/12/2011 3:11:25 AM | Computer Name = Steven-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.
Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 6/01/2012 7:31:38 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
< End of report >
01-08-2012
, 07:33 AM
That looks clean to me 
You ought the check out this folder:
C:\Users\Steven\AppData\Local
and get rid of all those crap folders {}
Also uninstall java update 29 and install java update 30.
You ought the check out this folder:
C:\Users\Steven\AppData\Local
and get rid of all those crap folders {}
Also uninstall java update 29 and install java update 30.