GoGoMonica
-
Posts
11 -
Joined
-
Last visited
GoGoMonica's Achievements
Newbie (1/14)
0
Reputation
-
From the log: All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FAStartup deleted successfully. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b619fff-0061-11e1-8764-bc7737134f1f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b619fff-0061-11e1-8764-bc7737134f1f}\ not found. File F:\autorun1.exe not found. ========== FILES ========== File\Folder C:\Program Files (x86)\Hotspot Shield not found. C:\Program Files (x86)\IObit\Advanced SystemCare 6\Update folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\Toolbox_Download folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\SecurityHole_Backup folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\LatestNews folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\images folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6\BootTimeLog folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 6 folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5\Update folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5\SecurityHole_Backup folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5\LatestNews folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5\BootTimeLog folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCServiceLog folder moved successfully. C:\Program Files (x86)\IObit\Advanced SystemCare 5 folder moved successfully. C:\Program Files (x86)\IObit folder moved successfully. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Dell\Downloads\Programs\cmd.bat deleted successfully. C:\Users\Dell\Downloads\Programs\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56466 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Dell ->Temp folder emptied: 493482 bytes ->Temporary Internet Files folder emptied: 1655221 bytes ->Java cache emptied: 991317 bytes ->FireFox cache emptied: 201351485 bytes ->Google Chrome cache emptied: 71228341 bytes ->Flash cache emptied: 57400 bytes User: Guest User: Guest.Dell-PC ->Temp folder emptied: 1237023 bytes ->Temporary Internet Files folder emptied: 64151491 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 272631451 bytes ->Flash cache emptied: 3059 bytes User: HomeGroupUser$ User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56466 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 200704 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3432046 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50327 bytes RecycleBin emptied: 428121753 bytes Total Files Cleaned = 997.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.69.0 log created on 02102013_120723 Files\Folders moved on Reboot... C:\Users\Dell\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot. Well. the different is not that noticeable. the long black screen before login page is still persist.
-
sry, i dont mean to bump the thread :) i got this from the CheckSUR.log. Not sure if it will be of any help though.. ================================= Checking System Update Readiness. Binary Version 6.1.7601.21645 Package Version 17.0 2013-02-09 14:43 Checking Windows Servicing Packages Checking Package Manifests and Catalogs (f) CBS MUM Corrupt 0x00000000 servicing\Packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum Expected file name Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~neutral~~10.2.9200.16437.mum does not match the actual file name (f) CBS MUM Corrupt 0x00000000 servicing\Packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum Expected file name Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~neutral~~10.2.9200.16437.mum does not match the actual file name Checking Package Watchlist Checking Component Watchlist Checking Packages Checking Component Store Summary: Seconds executed: 950 Found 2 errors CBS MUM Corrupt Total count: 2 Unavailable repair files: servicing\packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum servicing\packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum servicing\packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.cat servicing\packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.cat
-
and thats it. no 2nd log (extra.txt) like before~~
-
from OTL.txt OTL logfile created on: 2/9/2013 1:25:33 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dell\Downloads\Programs 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy 7.91 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 66.09% Memory free 15.82 Gb Paging File | 12.93 Gb Available in Paging File | 81.76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227.02 Gb Total Space | 41.62 Gb Free Space | 18.33% Space Free | Partition Type: NTFS Drive E: | 223.99 Gb Total Space | 6.53 Gb Free Space | 2.92% Space Free | Partition Type: NTFS Computer Name: DELL-PC | User Name: Dell | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Dell\Downloads\Programs\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) PRC - C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe (Giraffic) PRC - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe (Seagate Technology LLC) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () PRC - C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe () PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.) PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Garena Plus\ggspawn.dll () MOD - C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll () MOD - C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll () MOD - C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll () MOD - C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll () MOD - C:\Windows\SysWOW64\FAIEExtension.dll () MOD - C:\Windows\SysWOW64\FAib.dll () MOD - C:\Windows\SysWOW64\FACrashRpt.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll () MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () ========== Services (SafeList) ========== SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (Autodesk Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software) SRV - (FreeAgentGoFlex Service) -- C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe (Seagate Technology LLC) SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions) SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (FAService) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (Sensible Vision ) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS) SRV - (UI Assistant Service) -- C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr)) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation) DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.) DRV:64bit: - (s0017unic) -- C:\Windows\SysNative\drivers\s0017unic.sys (MCCI Corporation) DRV:64bit: - (s0017obex) -- C:\Windows\SysNative\drivers\s0017obex.sys (MCCI Corporation) DRV:64bit: - (s0017nd5) -- C:\Windows\SysNative\drivers\s0017nd5.sys (MCCI Corporation) DRV:64bit: - (s0017mdm) -- C:\Windows\SysNative\drivers\s0017mdm.sys (MCCI Corporation) DRV:64bit: - (s0017mgmt) -- C:\Windows\SysNative\drivers\s0017mgmt.sys (MCCI Corporation) DRV:64bit: - (s0017mdfl) -- C:\Windows\SysNative\drivers\s0017mdfl.sys (MCCI Corporation) DRV:64bit: - (s0017bus) -- C:\Windows\SysNative\drivers\s0017bus.sys (MCCI Corporation) DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision ) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (windrvNT) -- C:\Windows\SysWOW64\windrvNT.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 19156277 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.my/ IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {32919C6B-F0E6-4090-9DCC-0FDD7E058B6F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{32919C6B-F0E6-4090-9DCC-0FDD7E058B6F}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C8168158-3418-4A6F-B72D-09091E1F89AE}&mid=d0221718f89047d0819e6d3e71f7a6ec-93a10a9967e522c238f09cb0b1f5d9bf2afdd182&lang=en&ds=is015&pr=sa&d=2012-07-05 19:09:41&v=11.1.0.12&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandora.tv/npmini,version=1.0: C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll (pandora.tv) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dell\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/03/15 05:06:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/16 20:47:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/25 15:30:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\wcapturex@deskperience.com: C:\Program Files (x86)\WordWeb\WCaptureMoz [2011/11/09 19:05:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 23:39:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 23:39:40 | 000,000,000 | ---D | M] [2013/02/08 19:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dell\AppData\Roaming\mozilla\Extensions [2012/10/17 15:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/07/25 18:07:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/09/05 13:10:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/10/17 15:01:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/01/16 20:47:27 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/07/05 19:09:32 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/09/13 15:40:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/01/16 20:28:35 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com.my/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com.my/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: mini execute plugin (Enabled) = C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Dell\AppData\Local\Facebook\Messenger\2.0.4517.0\npFbDesktopPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Users\Dell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: VKontakte.ru Downloader = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenmhkmhodnigfjgefjpclkoidioipji\0.2.2.7_0\ CHR - Extension: Adblock Plus = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\ CHR - Extension: Tampermonkey = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.11.3062_0\ CHR - Extension: Session Buddy = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.1.4_0\ CHR - Extension: IDM Integration = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.14.4_0\ CHR - Extension: Reload All Tabs = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.11_0\ CHR - Extension: Google Mail Checker = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Yahoo Mail Widget = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\opeeoaeaoifnbgnigifffgcmfcfimijl\1.8.5_0\ CHR - Extension: Marc Ecko = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\ O1 HOSTS File: ([2012/02/11 12:20:52 | 000,000,858 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 173.212.255.178 ad.garenanow.com O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE_64.dll File not found O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:64bit: - HKLM..\Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [FAStartup] File not found O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) O4 - HKCU..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab (Launcher Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56B38CFA-DCB1-459C-82B7-D102964AA3EC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56B38CFA-DCB1-459C-82B7-D102964AA3EC}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C551F905-4ED9-411A-9628-72188B93FEAF}: NameServer = 202.188.0.133,202.188.1.5 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\Shell - "" = AutoRun O33 - MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\Shell\AutoRun\command - "" = F:\autorun1.exe O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/04/13 11:12:44 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013/04/13 11:12:44 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013/04/13 11:12:44 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013/04/13 11:12:44 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013/04/13 11:12:44 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013/04/13 11:12:44 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013/04/13 11:12:44 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013/04/13 11:12:44 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013/04/13 11:12:44 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013/04/13 11:12:44 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013/04/13 11:12:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013/04/13 11:12:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013/04/13 11:12:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013/04/13 11:12:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013/04/13 11:12:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013/04/13 11:12:44 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013/04/13 11:12:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013/04/13 11:12:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013/04/13 11:12:08 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013/04/11 14:16:55 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\SygicMapAura [2013/02/09 12:57:20 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\MediaMonkey [2013/02/09 12:57:13 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\MediaMonkey [2013/02/09 12:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey [2013/02/09 12:57:09 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMonkey [2013/02/09 12:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMonkey [2013/02/08 20:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/02/08 20:25:34 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\New folder [2013/02/08 19:13:10 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Mozilla [2013/02/06 22:26:39 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\AVG2013 [2013/02/06 21:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013/02/06 21:26:15 | 000,000,000 | -H-D | C] -- C:\$AVG [2013/02/06 21:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013/02/06 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\MFAData [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Avg2013 [2013/02/02 19:04:20 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2013/02/02 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013/01/25 15:33:00 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\Biomed Sem 1 [2013/01/21 14:35:05 | 000,000,000 | ---D | C] -- C:\GarenaDownload [2013/01/17 15:47:30 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\Aura [2013/01/17 15:47:22 | 000,000,000 | ---D | C] -- C:\Users\Dell\DesktopAura [2013/01/17 14:27:12 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\CRE [2013/01/17 03:02:29 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013/01/17 03:02:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013/01/17 03:02:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013/01/17 03:02:28 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013/01/17 01:05:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/01/17 01:05:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/01/17 01:04:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013/01/17 01:04:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013/01/17 01:04:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013/01/17 01:04:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013/01/17 01:04:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013/01/17 01:04:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013/01/17 01:04:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013/01/17 01:04:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013/01/17 01:04:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013/01/17 01:04:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013/01/17 01:04:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013/01/17 01:04:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013/01/17 01:04:39 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013/01/17 01:04:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013/01/17 01:04:35 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013/01/17 01:04:34 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013/01/17 01:04:34 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013/01/17 01:04:34 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013/01/17 01:04:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013/01/17 01:04:34 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013/01/17 01:04:34 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013/01/17 01:04:33 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/01/17 01:04:33 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013/01/17 01:04:32 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013/01/17 01:04:32 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013/01/17 01:04:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013/01/17 01:04:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013/01/17 01:04:29 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013/01/17 01:04:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013/01/17 01:04:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013/01/17 01:04:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013/01/17 01:04:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013/01/17 01:04:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013/01/17 01:04:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/01/17 01:04:01 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013/01/17 01:03:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013/01/17 01:03:59 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013/01/17 01:03:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013/01/17 01:03:59 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/01/17 01:03:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/01/17 01:03:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/01/17 01:03:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013/01/17 01:03:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/01/17 01:03:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/01/17 01:03:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/01/17 01:03:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/01/17 01:03:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/17 01:03:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/01/17 01:03:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/01/17 01:03:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/01/17 01:03:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/01/17 01:03:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/17 01:03:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/01/17 01:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/01/17 01:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/01/17 01:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/01/17 01:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/01/17 01:03:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/01/17 01:03:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013/01/16 22:42:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center [2013/01/16 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows [2013/01/16 20:20:31 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Programs [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dell\AppData\Local\*.tmp files -> C:\Users\Dell\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/04/13 21:05:17 | 000,000,135 | ---- | M] () -- C:\Windows\AutoKMS.ini [2013/04/13 16:47:44 | 000,001,678 | ---- | M] () -- C:\Users\Dell\Documents\cc_20130413_164740.reg [2013/04/13 11:12:44 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013/04/13 11:12:44 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013/04/13 11:12:44 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013/04/13 11:12:44 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013/04/13 11:12:44 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013/04/13 11:12:44 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013/04/13 11:12:44 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013/04/13 11:12:44 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013/04/13 11:12:44 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013/04/13 11:12:44 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013/04/13 11:12:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013/04/13 11:12:44 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013/04/13 11:12:44 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013/04/13 11:12:44 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013/04/13 11:12:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013/04/13 11:12:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013/04/13 11:12:44 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013/04/13 11:12:44 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013/04/13 11:12:08 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013/02/09 13:27:20 | 000,022,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/09 13:27:20 | 000,022,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/09 13:19:31 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/09 13:19:03 | 000,000,198 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/02/09 13:18:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/09 13:18:54 | 2074,480,639 | -HS- | M] () -- C:\hiberfil.sys [2013/02/09 13:06:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/09 12:59:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/09 12:33:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001UA.job [2013/02/09 02:52:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001UA.job [2013/02/09 02:08:32 | 000,045,270 | ---- | M] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat [2013/02/08 19:13:34 | 000,002,042 | ---- | M] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/02/08 09:33:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001Core.job [2013/02/08 09:11:02 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/02/08 09:11:02 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/02/08 09:11:02 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/02/07 14:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001Core.job [2013/01/30 12:35:46 | 000,193,687 | ---- | M] () -- C:\Users\Dell\Desktop\Permohonan Berjaya.pdf [2013/01/17 14:25:35 | 000,000,965 | ---- | M] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/01/17 14:25:35 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2013/01/17 11:09:32 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/01/17 11:09:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/01/17 03:26:38 | 000,532,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/01/16 20:15:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/01/14 11:25:31 | 000,000,600 | ---- | M] () -- C:\Users\Dell\PUTTY.RND [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dell\AppData\Local\*.tmp files -> C:\Users\Dell\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/04/13 21:05:17 | 000,000,198 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2013/04/13 21:05:17 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini [2013/04/13 16:47:42 | 000,001,678 | ---- | C] () -- C:\Users\Dell\Documents\cc_20130413_164740.reg [2013/01/30 12:35:45 | 000,193,687 | ---- | C] () -- C:\Users\Dell\Desktop\Permohonan Berjaya.pdf [2013/01/17 14:25:35 | 000,000,965 | ---- | C] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/01/17 14:25:35 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012/10/16 03:03:38 | 000,000,600 | ---- | C] () -- C:\Users\Dell\PUTTY.RND [2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012/05/15 22:25:57 | 000,014,848 | ---- | C] () -- C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/04/08 01:26:42 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll [2012/01/04 21:59:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/01/04 08:43:35 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2011/12/29 11:42:57 | 000,000,000 | ---- | C] () -- C:\Users\Dell\AppData\Local\{0D466602-490D-4B5D-BDFB-28A517FC7FCF} [2011/12/04 15:38:31 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/12/04 15:38:31 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/12/04 15:38:31 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/11/09 23:48:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\suppdll.dll [2011/11/09 23:48:08 | 000,035,363 | ---- | C] () -- C:\Windows\SysWow64\windrvNT.sys [2011/11/09 19:05:46 | 002,212,096 | ---- | C] () -- C:\Windows\wweb32.dll [2011/11/08 08:37:29 | 000,000,000 | ---- | C] () -- C:\Users\Dell\AppData\Local\{9A18882D-D8A9-4C1E-9239-06BDD4820DC2} [2011/10/28 03:32:24 | 000,197,728 | ---- | C] () -- C:\Windows\WinVd32.sys [2011/10/28 03:32:21 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\WinFLsrv.exe [2011/10/27 16:38:05 | 000,059,663 | ---- | C] () -- C:\Windows\War3Unin.dat [2011/10/27 13:22:48 | 000,045,270 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat [2011/10/20 14:05:04 | 000,012,800 | ---- | C] () -- C:\Windows\DCEBoot64.exe [2011/10/20 13:36:29 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/03/15 07:19:46 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/03/15 07:19:46 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/03/15 07:19:45 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/03/15 07:19:21 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini [2011/03/15 07:19:19 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini [2011/03/15 07:19:19 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini [2011/03/15 07:19:19 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini [2011/03/15 07:19:19 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini [2011/03/15 07:19:19 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini [2011/03/15 07:19:19 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini [2011/03/15 04:49:24 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll [2011/03/15 04:43:07 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll ========== ZeroAccess Check ========== [2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
-
And from Extre.txt : OTL Extras logfile created on: 2/8/2013 7:53:05 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dell\Downloads\Programs 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy 7.91 Gb Total Physical Memory | 5.75 Gb Available Physical Memory | 72.73% Memory free 15.82 Gb Paging File | 13.47 Gb Available in Paging File | 85.16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227.02 Gb Total Space | 34.42 Gb Free Space | 15.16% Space Free | Partition Type: NTFS Drive E: | 223.99 Gb Total Space | 6.53 Gb Free Space | 2.92% Space Free | Partition Type: NTFS Computer Name: DELL-PC | User Name: Dell | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee Pro 5.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeQVPro5.exe" "%1" (ACD Systems International Inc.) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03F57435-3118-4D6F-8FD1-E197688FB07B}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{0B6EC88B-7630-4B6F-81ED-AC197CB17A35}" = rport=138 | protocol=17 | dir=out | app=system | "{104265B3-7B36-4369-BD7E-CD2E4D6268FA}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{18498929-65D3-4E5C-9CFC-24BFA9F1C3B6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{184FD988-3931-4F80-A105-C1FD65FCDB6C}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{193CCC78-DFDC-4753-84EE-B4077C3770D2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{2196ED6E-9768-4CB0-A8BE-D09F88A3F6B8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{2D628E98-F733-463E-A085-4E81EC101CD6}" = lport=2869 | protocol=6 | dir=in | app=system | "{332F7A7E-4F91-478B-9CB9-087A12A9E1DB}" = rport=139 | protocol=6 | dir=out | app=system | "{3AD04BD9-402F-4D51-BA47-2E22811DA403}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{4047EFF9-5280-4627-AED2-F6945E3E6906}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{54E6F092-1F94-4568-8225-54142FBF9C5E}" = rport=137 | protocol=17 | dir=out | app=system | "{56303C9E-DC9B-4449-BD12-0BE1A9676E60}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{5CB31356-9D17-4593-BC77-6D3359F0D89F}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher | "{5EDF505C-9770-4386-B1C1-D9F52EAB2604}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{6333BC86-CE6B-439F-9670-D9F89BCD7CB8}" = rport=445 | protocol=6 | dir=out | app=system | "{66954619-7C00-4C98-A5FB-DBAEBA1EC249}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{69F3FC23-8BE6-441C-9176-A120982B0FC0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7BA6B7FF-61F4-426E-A230-9D3EBD85D509}" = lport=138 | protocol=17 | dir=in | app=system | "{7C9D4AF8-039D-46ED-91B3-F9D5F08C6634}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8F56AB87-E960-4A5D-9A44-DE402280515E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9223F415-EFF2-498F-A1D1-22F92A71A8EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{94DA2711-1498-4DE9-8C47-71A7D3D5D1F1}" = lport=445 | protocol=6 | dir=in | app=system | "{9551FACD-70EB-4270-8AEC-39EA704ECCF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9813668A-3447-453B-B647-DBCDDAEED2CC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{9B16D7D6-8098-4223-8D67-1A12BBC33730}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A36A7E94-EBB9-4C69-91C7-5D8C3CBA9EA2}" = rport=10243 | protocol=6 | dir=out | app=system | "{AF3A9662-A4BD-45E4-AF98-D8F321BB3F75}" = lport=10243 | protocol=6 | dir=in | app=system | "{B7D6D166-982B-4F21-A032-80C2E5AE7528}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BA194785-D5C2-489B-B2A6-AC60C8C56028}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BE7F000F-3E74-499C-B4ED-AE63AD61F92A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C15C6E59-02FC-45E1-96BE-D4D0E0C9B0B8}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher | "{C76E8479-C7EF-430E-9232-828D2920C767}" = lport=139 | protocol=6 | dir=in | app=system | "{DE64205D-8647-4CC6-A534-3C97970E2F58}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DFEA9F20-51D0-427D-915F-5EB7F9A6E4FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{E7D561A6-1696-4AA3-B21D-B350171B0776}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EF5F72EB-5E0D-46D6-AB79-08DF5712312D}" = lport=137 | protocol=17 | dir=in | app=system | "{FA43E37D-CADE-4D1A-917D-E8E6E1D93988}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{038DE137-49DF-41AB-9DDD-331DEAC49776}" = protocol=6 | dir=in | app=c:\garenadownload\games\blackshot\blackshot_garenaplus_installer.exe | "{0473FA12-D9C3-4BAF-B9C1-5816E644272E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{04777E74-5A3F-4728-967D-60D1A346D062}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{066DB5D5-E04D-475E-96CD-07B5FD2792AF}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe | "{0A771CE4-5EA1-4D8B-9741-3F218C693299}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{0F4087DB-929C-409C-8722-19FF9659141C}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | "{115EDBA9-9708-496A-8FF4-B16A41106CB4}" = protocol=17 | dir=in | app=c:\users\dell\downloads\u\u1204.exe | "{19DA1BCD-07C3-4D68-A965-0A85125279E6}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{21F23768-62D0-4A27-A18D-4AEBC0D303AA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{2581DBC8-75E6-4B54-808A-8A2EA4AF72E0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{322A2854-417D-4414-A5E2-F8A25580E238}" = protocol=17 | dir=in | app=c:\users\dell\appdata\local\google\chrome\application\chrome.exe | "{33F3EF2B-95E5-4E7B-B554-D3A40D55D17B}" = protocol=6 | dir=in | app=c:\users\dell\downloads\u\u1204.exe | "{387F5879-0654-493F-88C5-6E9E03858237}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{3BC568BE-0DF7-4767-B1E5-3941C063F6E7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{41473F1B-AF2A-4B98-B779-4E07F24B9F29}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{43CEB93F-42BD-4CE6-ACA7-216B2863B707}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{4866C04B-A220-4713-A130-7EEB95BB2CE9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{492FA6FE-1F28-4236-8542-FB46865699D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{49BDEB37-98EC-42B1-A354-F77A83999AAD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{4B8A7064-4A30-4920-B312-FFCCCEEC76D4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4E612372-A08E-4337-A2CB-4BC906C3C802}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{51267A0B-8864-4418-957B-D1ACFCB9022F}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{536D6F55-1F47-4061-83E2-3E700D817B2D}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{557608F0-EB04-41EE-93E3-9F04464CA1F0}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe | "{577C88A5-E769-4B78-8E3B-3786DCCD3937}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{59AD8D53-6203-47DD-BB4F-1E9919392554}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{5F686021-D370-4CD0-9193-F80413758D39}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{6352B20D-DB29-4B00-B40C-49919BB981A9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{63BC8F91-A7F4-4441-A533-8E6E00C5DD9C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{641BB4FA-7EB8-4D10-98C8-64325E4766EE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{653820B7-76A0-4541-B983-45C48ECE1CAA}" = protocol=6 | dir=out | app=system | "{6AE3B214-EDDC-4B76-B5C7-4E2C12CC444F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{72D0B247-A670-40C3-B77E-B67742EB1349}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{764BA1E8-AF85-4C27-B302-FA41F04F39C3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{78503B5D-B39C-4855-A109-F46D81FE670D}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "{7986D4F0-33A3-42FC-9BF3-0F81D4C58479}" = protocol=17 | dir=in | app=c:\garenadownload\games\blackshot\blackshot_garenaplus_installer.exe | "{7C16F0F4-47B1-4FCE-805B-EFE32D84CC45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{81D17DF0-E691-45CD-A1E5-6738F8F57A5E}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | "{83F44EC1-0EA3-4221-AC51-4D208621280C}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | "{84016A65-E7A7-4501-A847-8FC30544269C}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe | "{8544A3D6-F553-48F3-AC0C-4F8E9C9F16A4}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{855BB13D-6AF4-4B80-91B5-1728F5A5855F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{8626CFB3-D1AA-4221-9F0C-501058639964}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{8870E6B2-E9C1-44FE-B4CD-B14EAB5A5FA2}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{8C0B523C-4C0E-401B-8CA5-AF987AE92DF5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{8C1D4B3F-2DDE-4018-8BE6-4B71B8385BE4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{93B4CB44-DC5A-459B-A95F-AE9F882D2A0A}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | "{95C0E0E5-7F83-44D2-B42B-BFA79E5A10D3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{95E04ED0-0CB4-43E2-86B3-2EF53904AF92}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{9A407A71-9D48-4B3B-A135-533033FA4B84}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{9E4EBA20-0760-4865-8015-22DEF3154F00}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9E6B01F0-4BAD-4FAA-A21E-24484FC23BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{A168BB4E-1EAC-47C7-AE2E-11C68933D09D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A4B40FD0-71DB-46F2-AE76-BE32C7668E95}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe | "{A5B3CF54-F86E-4972-B31B-F08523E742C5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AA997490-6043-478E-8014-220F21790F39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{B0937094-EC80-4451-9AF5-43EBE005AF44}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B14060DD-DFD0-4425-A73C-C0187C5F6E17}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B1C3A5A1-C762-40B7-A7CE-D3B5DB155A9E}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe | "{B3EFAD12-65D3-4207-B407-3BC0D618DFAD}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{BE39FE60-75FF-48B8-A9A9-E5C2B47C8B96}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{C34D03C0-350E-4CD0-8AA1-D3CBE818924A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C3C97600-E5CE-4C43-A872-F86852510DAE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C6D2B882-E9A6-4EC2-A0E9-2DAB161F460D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{CA10E43E-30AB-4AE7-A8F4-3A518734F7AF}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | "{D346B5D9-C112-4D8E-9274-D19E3AF99120}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{D3FF81F1-C8CF-41A4-ADCB-AEBAB04F061C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D7053344-1B0A-4B19-B370-327F7547ADBE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{D8860C91-F4E7-4255-82C6-3B6BC7E97277}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "{DAEFA91B-CCB1-4666-B9C1-E1328D343BD8}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{DBFE6A50-7B61-4B44-9BA3-46A65C96EE4B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DCBF9F0E-9323-4010-9BE3-C9EC1F0DE3E4}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | "{E04ADED8-26C4-4BFB-BED6-B8B32CD7C932}" = protocol=6 | dir=in | app=c:\users\dell\appdata\local\google\chrome\application\chrome.exe | "{E0E7E2F5-11EA-4226-9C06-D9089DDD4416}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{E851EFDE-F43F-455A-92B7-B3CC99C165BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E9D4FF25-B204-4EE2-9F4D-3AD21BDC25E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{11E7F14E-6457-4F1D-B317-0C50125D5DEC}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | "TCP Query User{1A02CA0A-91D4-4D09-A3AF-8AE92CD402A7}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "TCP Query User{3CFDB8EB-0AFB-45F7-8535-2A0A93B19E85}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "TCP Query User{4243292B-1502-4BC3-BD85-2A1E0745FB21}C:\program files (x86)\garena plus\garenamessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\garenamessenger.exe | "TCP Query User{53E5DC94-C3BC-4D7F-BAF9-9A4A4590A0AF}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{564AA070-77FC-4A20-BDDB-6A9AE544AFEA}C:\users\dell\downloads\ultrasurf\u1207.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1207.exe | "TCP Query User{59CA5119-0D02-4B94-8BB3-7EA4FC324926}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe | "TCP Query User{5A3CB229-4C30-4355-A6FB-872B2D8DF8C2}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | "TCP Query User{62FCC3B2-FAD9-4199-9914-CB72C5E14CC3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{65265711-C4BA-4B0F-82C4-A6E7B0FD8B46}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "TCP Query User{74F5CAA8-8A88-413A-8BF1-AFC04B8D115B}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe | "TCP Query User{7543E676-C7A6-4CCC-9B37-92F1A25B23CD}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "TCP Query User{7DF9AF5F-DEF2-4EE3-BAC1-869E60A48BDC}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "TCP Query User{A50F1F5B-81D1-485B-8C2E-CC159E811B60}C:\users\dell\downloads\ultrasurf\u1208.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1208.exe | "TCP Query User{ACB96FEF-E700-45BD-8C5A-51E4F7C46495}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe | "TCP Query User{B6A01D8A-0B30-42D0-BF3A-670994299CFF}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe | "TCP Query User{B95B4F8A-F2AE-4F09-8EE4-E6226CBB1200}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | "TCP Query User{BBB72E73-8F1C-40EA-85DF-B9B8DDBBFB7B}C:\users\dell\downloads\ultrasurf\u1207.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1207.exe | "TCP Query User{C3E805E1-E707-49EA-BE4A-BF4785CA6B5F}C:\users\dell\downloads\facegate\fg736p.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\facegate\fg736p.exe | "TCP Query User{C76F5AA9-4EB4-41A7-BC94-39CE8721E980}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | "TCP Query User{C8BE4D69-5FE8-405E-998E-350B11883BEA}C:\users\dell\downloads\ultrasurf\u1210.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1210.exe | "TCP Query User{D6791BBB-B6AA-4F1B-99E1-DFBF93D74B15}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{D689BA26-F85B-474E-BD25-E95EFDB01C74}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "TCP Query User{EEF32A25-1DE6-4803-8217-7C7124D8D164}C:\users\dell\downloads\ultrasurf\u1208.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1208.exe | "TCP Query User{F5E59A83-777B-4F7D-9897-34E46C0DF131}C:\users\dell\downloads\ultrasurf\u1210.exe" = protocol=6 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1210.exe | "UDP Query User{004ED319-562B-466C-BC76-30C1D287E6A3}C:\users\dell\downloads\ultrasurf\u1208.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1208.exe | "UDP Query User{0601DBC9-F28C-4D0F-BCF5-DBE3F712A785}C:\users\dell\downloads\ultrasurf\u1210.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1210.exe | "UDP Query User{1C59A236-264F-4409-87A8-1C29DD7A1055}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{1EA3B256-D4A3-482E-93B2-32EE28ECFC5E}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | "UDP Query User{368E4358-FCC3-4992-BC48-01B4F3A577ED}C:\users\dell\downloads\ultrasurf\u1207.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1207.exe | "UDP Query User{37D85197-691E-4C3E-9737-2FC58BFEE73C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{43D61913-377E-45AE-94DB-575C64A722D4}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "UDP Query User{44BBDA16-10C4-4B6B-AA4C-330511F50A8F}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe | "UDP Query User{44BE742C-2E65-4DB4-82BE-EA7EB9D2DB06}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | "UDP Query User{48875DF9-8F7B-4344-8081-06E982D796DB}C:\users\dell\downloads\facegate\fg736p.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\facegate\fg736p.exe | "UDP Query User{64FC9FDF-68CC-4F92-BC69-5B04EB6B8B14}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "UDP Query User{6B03535F-0B87-4B51-9A3B-1EA0524FD0DE}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe | "UDP Query User{721ABC6F-B687-4F50-AEFF-615658E297F6}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | "UDP Query User{78974266-5E9D-48C8-BE1B-F2FF0AC2F32C}C:\program files (x86)\garena plus\garenamessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\garenamessenger.exe | "UDP Query User{7A9A9C7F-17A7-4E30-8F8C-492DD4AECBFF}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "UDP Query User{8EF83253-634C-4226-8508-22BF7E9F64B3}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell\dell datasafe online\nobuclient.exe | "UDP Query User{91A8BD13-EC1D-485B-AD21-305BA1E96883}C:\users\dell\downloads\ultrasurf\u1208.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1208.exe | "UDP Query User{95D89752-670C-4E0F-99E2-34A7A8B67DF3}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe | "UDP Query User{972B2314-6FEB-49C8-B427-45FED4F9B985}C:\users\dell\downloads\ultrasurf\u1210.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1210.exe | "UDP Query User{9C849903-B6C1-4460-A509-D522CD5F2180}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{9FEDA122-1B16-469D-9B3C-B13074B706F4}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{AFEA15C5-B56C-4DAC-82A2-959C268A18E2}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe | "UDP Query User{B51514D1-CAA6-40F3-8CAB-BB3896116AC6}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe | "UDP Query User{B795E4F4-A81F-4C29-8E84-8FB2135DB792}C:\users\dell\downloads\ultrasurf\u1207.exe" = protocol=17 | dir=in | app=c:\users\dell\downloads\ultrasurf\u1207.exe | "UDP Query User{C5F59D20-7732-43B8-8E36-5AE1C1252028}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{058EB68D-8F07-4E07-BD3B-B97D18E092F0}" = AVG 2013 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3 "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java 6 Update 23 (64-bit) "{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software "{2C5BEF49-4219-4751-9106-39604462939D}" = Face Recognition "{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}" = Intel® PROSet/Wireless Software for Bluetooth® Technology "{502275B0-3DA3-44D8-8702-066525CAAE98}" = AVG 2013 "{5783F2D7-7001-0409-0102-0060B0CE6BBA}" = AutoCAD 2009 - English "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "AutoCAD 2009 - English" = AutoCAD 2009 - English "AVG" = AVG 2013 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "PC-Doctor for Windows" = Dell Support Center "ProInst" = Intel PROSet Wireless "Speccy" = Speccy "WinRAR archiver" = WinRAR 4.01 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.7 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 37 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}" = ACDSee Pro 5 "{37F8C732-02B5-41A2-9F5B-D94EAC2226AB}" = Angry Birds Seasons "{39D06E77-8921-4056-8901-36D0035BAECA}" = Dell Stage "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3E8A1ADF-B72C-47FE-85F6-F7A73C487F6C}" = Dell MusicStage "{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{84B6D6A7-1BA4-41C1-B02C-829393913183}" = BlackBerry Device Software v6.0.0 for the BlackBerry 9300 smartphone "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{91DDF870-EE18-44D8-9D93-F4C122B80908}" = Seagate Drive Settings Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Celcom Broadband "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C4401B9F-F462-44F3-B96E-390AF4DC0EE6}_is1" = Rename Expert 4.2.0 "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service "AC3Filter" = AC3Filter (remove only) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced SystemCare 6_is1" = Advanced SystemCare 6 "Any Video Converter_is1" = Any Video Converter 3.3.2 "AVS4YOU Video Converter 7_is1" = AVS Video Converter 8 "BlackBerry_Desktop" = BlackBerry Desktop Software 6.1 "Camfrog 6.1" = Camfrog Video Chat 6.1 "Dell Webcam Central" = Dell Webcam Central "DFX" = DFX "DomDomSoft Manga Downloader" = DomDomSoft Manga Downloader (remove only) "Giraffic" = Veoh Giraffic Video Accelerator "HotspotShield" = Hotspot Shield 1.34 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}" = Seagate Drive Settings Installer "InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "Internet Download Manager" = Internet Download Manager "Jubler" = Jubler subtitle editor "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.0.6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "MegaTitle Beta 1" = MegaTitle Beta 1 "Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Open Codecs" = Xiph.Org Open Codecs 0.85.17777 "PANDORATV VIDEO STREAMER_is1" = PANDORATV VIDEO STREAMER "pcsx2-r4600" = PCSX2 - Playstation 2 Emulator "RealAlt_is1" = Real Alternative 2.0.2 "Revo Uninstaller" = Revo Uninstaller 1.93 "StarCraft II" = StarCraft II "Steam App 570" = Dota 2 "uTorrent" = µTorrent "Veoh Web Player Beta" = Veoh Web Player "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 2.0.2 "Warcraft III" = Warcraft III "WinLiveSuite" = Windows Live Essentials "WordWeb" = WordWeb "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "9204f5692a8faf3b" = Dell System Detect "bd4d3a0508d364f5" = Dell Driver Download Manager "Google Chrome" = Google Chrome "MyFreeCodec" = MyFreeCodec "Warcraft III" = Warcraft III: All Products "webmdshow" = WebM Project Directshow Filters ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 8/15/2012 6:04:23 AM | Computer Name = Dell-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1b8c Start Time: 01cd7acd3dbdcd83 Termination Time: 17 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error - 8/17/2012 2:52:07 PM | Computer Name = Dell-PC | Source = Google Update | ID = 20 Description = Error - 8/17/2012 10:19:49 PM | Computer Name = Dell-PC | Source = PandoraService.exe | ID = 0 Description = Error - 8/19/2012 10:29:53 AM | Computer Name = Dell-PC | Source = PandoraService.exe | ID = 0 Description = Error - 8/20/2012 9:41:24 AM | Computer Name = Dell-PC | Source = PandoraService.exe | ID = 0 Description = Error - 8/20/2012 10:46:04 PM | Computer Name = Dell-PC | Source = PandoraService.exe | ID = 0 Description = Error - 8/21/2012 8:44:57 AM | Computer Name = Dell-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a3c Start Time: 01cd7f99ff04e449 Termination Time: 27 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error - 8/21/2012 8:46:26 AM | Computer Name = Dell-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 19f8 Start Time: 01cd7f9ac5078134 Termination Time: 18 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error - 8/21/2012 8:50:16 AM | Computer Name = Dell-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16448 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 560 Start Time: 01cd7f9afa6a8402 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: Error - 8/22/2012 11:17:01 AM | Computer Name = Dell-PC | Source = Application Hang | ID = 1002 Description = The program winamp.exe version 5.6.2.3189 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 13f8 Start Time: 01cd80566f62deb9 Termination Time: 11 Application Path: C:\Program Files (x86)\Winamp\winamp.exe Report Id: 6690fb05-ec6c-11e1-98d0-bc7737134f1f [ Dell Events ] Error - 2/6/2013 3:01:01 PM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/6/2013 3:28:22 PM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/6/2013 3:28:22 PM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 4:31:29 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 4:31:29 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 5:06:08 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 5:06:08 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 7:23:41 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 7:23:41 AM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 2/7/2013 9:08:07 PM | Computer Name = Dell-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. [ Media Center Events ] Error - 11/12/2011 2:19:59 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 2:19:59 PM - Error connecting to the internet. 2:19:59 PM - Unable to contact server.. Error - 11/12/2011 2:20:05 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 2:20:04 PM - Error connecting to the internet. 2:20:04 PM - Unable to contact server.. Error - 11/12/2011 3:20:10 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 3:20:10 PM - Error connecting to the internet. 3:20:10 PM - Unable to contact server.. Error - 11/12/2011 3:20:16 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 3:20:15 PM - Error connecting to the internet. 3:20:15 PM - Unable to contact server.. Error - 11/12/2011 4:20:21 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 4:20:21 PM - Error connecting to the internet. 4:20:21 PM - Unable to contact server.. Error - 11/12/2011 4:20:27 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 4:20:26 PM - Error connecting to the internet. 4:20:26 PM - Unable to contact server.. Error - 11/12/2011 5:20:32 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 5:20:32 PM - Error connecting to the internet. 5:20:32 PM - Unable to contact server.. Error - 11/12/2011 5:20:37 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 5:20:37 PM - Error connecting to the internet. 5:20:37 PM - Unable to contact server.. Error - 11/26/2011 11:00:32 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 11:00:32 PM - Error connecting to the internet. 11:00:32 PM - Unable to contact server.. Error - 11/26/2011 11:00:40 AM | Computer Name = Dell-PC | Source = MCUpdate | ID = 0 Description = 11:00:37 PM - Error connecting to the internet. 11:00:37 PM - Unable to contact server.. [ System Events ] Error - 2/8/2013 3:47:58 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000 Description = The windrvNT service failed to start due to the following error: %%2 Error - 2/8/2013 4:00:06 AM | Computer Name = Dell-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063). Error - 2/8/2013 4:00:34 AM | Computer Name = Dell-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2010 Service Pack 1 Redistributable Package (KB2565063). Error - 2/8/2013 4:01:07 AM | Computer Name = Dell-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2742595). Error - 2/8/2013 7:33:03 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. Error - 2/8/2013 7:33:03 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000 Description = The AVGIDSAgent service failed to start due to the following error: %%1053 Error - 2/8/2013 7:33:32 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. Error - 2/8/2013 7:33:32 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000 Description = The AVGIDSAgent service failed to start due to the following error: %%1053 Error - 2/8/2013 7:33:34 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect. Error - 2/8/2013 7:33:34 AM | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000 Description = The AVGIDSAgent service failed to start due to the following error: %%1053 < End of report >
-
..continued < %SYSTEMDRIVE%\*.* > [2009/07/14 09:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2009/04/29 00:27:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011/03/15 07:11:08 | 000,004,000 | -H-- | M] () -- C:\dell.sdr [2012/10/11 21:38:34 | 000,000,014 | ---- | M] () -- C:\end [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2013/02/08 15:47:29 | 2074,480,639 | -HS- | M] () -- C:\hiberfil.sys [2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2012/04/14 17:21:56 | 000,005,551 | ---- | M] () -- C:\ipconfig.txt [2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll [2013/02/08 15:47:28 | 4197,629,951 | -HS- | M] () -- C:\pagefile.sys [2011/10/28 03:32:25 | 000,000,507 | ---- | M] () -- C:\Sys_LogWin.log [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [2012/04/14 16:44:31 | 000,004,371 | ---- | M] () -- C:\WirelessDiagLog.csv < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\* > [2009/07/14 12:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/11/14 15:14:10 | 000,775,184 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/11/14 15:14:10 | 000,775,184 | ---- | M] (Microsoft Corporation) < hklm\software\clients\startmenuinternet|command /64 /rs > 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013/01/16 20:47:25 | 000,864,768 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013/01/16 20:47:27 | 000,917,552 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/01/26 10:35:08 | 001,248,208 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/11/14 15:14:10 | 000,050,688 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/11/14 15:14:10 | 000,050,688 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/11/14 15:14:10 | 000,050,688 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/11/14 15:14:10 | 000,775,184 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2012/11/14 15:14:10 | 000,775,184 | ---- | M] (Microsoft Corporation) < End of report >
-
Finally done! From OTL.txt: OTL logfile created on: 2/8/2013 7:53:05 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dell\Downloads\Programs 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy 7.91 Gb Total Physical Memory | 5.75 Gb Available Physical Memory | 72.73% Memory free 15.82 Gb Paging File | 13.47 Gb Available in Paging File | 85.16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 227.02 Gb Total Space | 34.42 Gb Free Space | 15.16% Space Free | Partition Type: NTFS Drive E: | 223.99 Gb Total Space | 6.53 Gb Free Space | 2.92% Space Free | Partition Type: NTFS Computer Name: DELL-PC | User Name: Dell | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Dell\Downloads\Programs\OTL_2.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Garena Plus\ggspawn.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll () MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () ========== Services (SafeList) ========== SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AdvancedSystemCareService6) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic) SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (Autodesk Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software) SRV - (FreeAgentGoFlex Service) -- C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe (Seagate Technology LLC) SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions) SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (FAService) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (Sensible Vision ) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS) SRV - (UI Assistant Service) -- C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe () SRV - (HotspotShieldService) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr)) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation) DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.) DRV:64bit: - (s0017unic) -- C:\Windows\SysNative\drivers\s0017unic.sys (MCCI Corporation) DRV:64bit: - (s0017obex) -- C:\Windows\SysNative\drivers\s0017obex.sys (MCCI Corporation) DRV:64bit: - (s0017nd5) -- C:\Windows\SysNative\drivers\s0017nd5.sys (MCCI Corporation) DRV:64bit: - (s0017mdm) -- C:\Windows\SysNative\drivers\s0017mdm.sys (MCCI Corporation) DRV:64bit: - (s0017mgmt) -- C:\Windows\SysNative\drivers\s0017mgmt.sys (MCCI Corporation) DRV:64bit: - (s0017mdfl) -- C:\Windows\SysNative\drivers\s0017mdfl.sys (MCCI Corporation) DRV:64bit: - (s0017bus) -- C:\Windows\SysNative\drivers\s0017bus.sys (MCCI Corporation) DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision ) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (windrvNT) -- C:\Windows\SysWOW64\windrvNT.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 19156277 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.my/ IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {32919C6B-F0E6-4090-9DCC-0FDD7E058B6F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{32919C6B-F0E6-4090-9DCC-0FDD7E058B6F}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={C8168158-3418-4A6F-B72D-09091E1F89AE}&mid=d0221718f89047d0819e6d3e71f7a6ec-93a10a9967e522c238f09cb0b1f5d9bf2afdd182&lang=en&ds=is015&pr=sa&d=2012-07-05 19:09:41&v=11.1.0.12&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandora.tv/npmini,version=1.0: C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll (pandora.tv) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dell\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dell\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/03/15 05:06:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/16 20:47:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/25 15:30:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\wcapturex@deskperience.com: C:\Program Files (x86)\WordWeb\WCaptureMoz [2011/11/09 19:05:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 23:39:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dell\AppData\Roaming\IDM\idmmzcc5 [2012/11/10 23:39:40 | 000,000,000 | ---D | M] [2013/02/08 19:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dell\AppData\Roaming\mozilla\Extensions [2012/10/17 15:01:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/07/25 18:07:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/09/05 13:10:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/10/17 15:01:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/01/16 20:47:27 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/07/05 19:09:32 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/09/13 15:40:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/01/16 20:28:35 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com.my/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com.my/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dell\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: mini execute plugin (Enabled) = C:\Program Files (x86)\PANDORA.TV\Launcher\npmini.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Dell\AppData\Local\Facebook\Messenger\2.0.4517.0\npFbDesktopPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Users\Dell\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: VKontakte.ru Downloader = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenmhkmhodnigfjgefjpclkoidioipji\0.2.2.7_0\ CHR - Extension: Adblock Plus = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\ CHR - Extension: Tampermonkey = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.11.3062_0\ CHR - Extension: Session Buddy = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.1.4_0\ CHR - Extension: IDM Integration = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.14.4_0\ CHR - Extension: Reload All Tabs = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.11_0\ CHR - Extension: Google Mail Checker = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Yahoo Mail Widget = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\opeeoaeaoifnbgnigifffgcmfcfimijl\1.8.5_0\ CHR - Extension: Marc Ecko = C:\Users\Dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\ O1 HOSTS File: ([2012/02/11 12:20:52 | 000,000,858 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 173.212.255.178 ad.garenanow.com O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:64bit: - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE_64.dll (AnchorFree Inc.) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:64bit: - HKLM..\Run: [bLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [FAStartup] File not found O4 - HKCU..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_11_5_502_146_ActiveX.exe -update activex File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab (Launcher Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56B38CFA-DCB1-459C-82B7-D102964AA3EC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56B38CFA-DCB1-459C-82B7-D102964AA3EC}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C551F905-4ED9-411A-9628-72188B93FEAF}: NameServer = 202.188.0.133,202.188.1.5 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\Shell - "" = AutoRun O33 - MountPoints2\{7b619fff-0061-11e1-8764-bc7737134f1f}\Shell\AutoRun\command - "" = F:\autorun1.exe O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DFX.lnk - C:\Program Files (x86)\DFX\DFX.exe - () MsConfig:64bit - StartUpReg: AccuWeatherWidget - hkey= - key= - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe () MsConfig:64bit - StartUpReg: ACPW05EN - hkey= - key= - C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe (ACD Systems) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Advanced SystemCare 6 - hkey= - key= - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit) MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: BTMTrayAgent - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: Dell DataSafe Online - hkey= - key= - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) MsConfig:64bit - StartUpReg: Dell Registration - hkey= - key= - C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.) MsConfig:64bit - StartUpReg: Dell Webcam Central - hkey= - key= - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) MsConfig:64bit - StartUpReg: DellStage - hkey= - key= - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Dell\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) MsConfig:64bit - StartUpReg: FATrayAlert - hkey= - key= - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) MsConfig:64bit - StartUpReg: GarenaPlus - hkey= - key= - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe () MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation) MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig:64bit - StartUpReg: IDMan - hkey= - key= - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation) MsConfig:64bit - StartUpReg: IntelTBRunOnce - hkey= - key= - C:\Windows\SysNative\wscript.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: IntelWireless - hkey= - key= - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation) MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: KiesAirMessage - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) MsConfig:64bit - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) MsConfig:64bit - StartUpReg: KiesPreload - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: NUSB3MON - hkey= - key= - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation) MsConfig:64bit - StartUpReg: QuickSet - hkey= - key= - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.) MsConfig:64bit - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig:64bit - StartUpReg: RIMBBLaunchAgent.exe - hkey= - key= - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) MsConfig:64bit - StartUpReg: RoxWatchTray - hkey= - key= - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: SysTrayApp - hkey= - key= - C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) MsConfig:64bit - StartUpReg: UIExec - hkey= - key= - C:\Program Files (x86)\Celcom Broadband\UIExec.exe () MsConfig:64bit - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/04/13 11:12:44 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013/04/13 11:12:44 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013/04/13 11:12:44 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013/04/13 11:12:44 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013/04/13 11:12:44 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013/04/13 11:12:44 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013/04/13 11:12:44 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013/04/13 11:12:44 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013/04/13 11:12:44 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013/04/13 11:12:44 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013/04/13 11:12:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013/04/13 11:12:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013/04/13 11:12:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013/04/13 11:12:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013/04/13 11:12:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013/04/13 11:12:44 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013/04/13 11:12:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013/04/13 11:12:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013/04/13 11:12:08 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013/04/12 11:17:19 | 000,000,000 | ---D | C] -- C:\Hotspot Shield [2013/04/12 11:16:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield [2013/04/12 11:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield [2013/04/11 14:16:55 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\SygicMapAura [2013/02/08 19:13:10 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\Mozilla [2013/02/08 16:00:33 | 000,000,000 | ---D | C] -- C:\b30021412d5f797dbe4f9609 [2013/02/08 16:00:23 | 000,000,000 | ---D | C] -- C:\b5f401ee95af519fb810b4a43dfd [2013/02/06 22:26:39 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Roaming\AVG2013 [2013/02/06 21:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013/02/06 21:26:15 | 000,000,000 | -H-D | C] -- C:\$AVG [2013/02/06 21:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013/02/06 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\MFAData [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013/02/06 21:06:32 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Avg2013 [2013/02/02 19:04:20 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2013/02/02 17:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013/01/25 15:33:00 | 000,000,000 | ---D | C] -- C:\Users\Dell\Documents\Biomed Sem 1 [2013/01/21 14:35:05 | 000,000,000 | ---D | C] -- C:\GarenaDownload [2013/01/17 15:47:30 | 000,000,000 | ---D | C] -- C:\Users\Dell\Desktop\Aura [2013/01/17 15:47:22 | 000,000,000 | ---D | C] -- C:\Users\Dell\DesktopAura [2013/01/17 14:27:12 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\CRE [2013/01/17 03:02:29 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013/01/17 03:02:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013/01/17 03:02:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013/01/17 03:02:28 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013/01/17 01:05:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/01/17 01:05:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/01/17 01:04:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013/01/17 01:04:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013/01/17 01:04:48 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013/01/17 01:04:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013/01/17 01:04:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013/01/17 01:04:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013/01/17 01:04:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013/01/17 01:04:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013/01/17 01:04:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013/01/17 01:04:40 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013/01/17 01:04:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013/01/17 01:04:40 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013/01/17 01:04:39 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013/01/17 01:04:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013/01/17 01:04:35 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013/01/17 01:04:34 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013/01/17 01:04:34 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013/01/17 01:04:34 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013/01/17 01:04:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013/01/17 01:04:34 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013/01/17 01:04:34 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013/01/17 01:04:33 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/01/17 01:04:33 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013/01/17 01:04:33 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013/01/17 01:04:32 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013/01/17 01:04:32 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013/01/17 01:04:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013/01/17 01:04:29 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013/01/17 01:04:29 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013/01/17 01:04:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013/01/17 01:04:29 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013/01/17 01:04:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013/01/17 01:04:28 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013/01/17 01:04:28 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013/01/17 01:04:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/01/17 01:04:01 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013/01/17 01:03:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013/01/17 01:03:59 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013/01/17 01:03:59 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013/01/17 01:03:59 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/01/17 01:03:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/01/17 01:03:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/01/17 01:03:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013/01/17 01:03:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/01/17 01:03:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/01/17 01:03:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/01/17 01:03:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/01/17 01:03:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/17 01:03:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/01/17 01:03:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/01/17 01:03:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/01/17 01:03:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/01/17 01:03:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/17 01:03:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/01/17 01:03:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/01/17 01:03:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/01/17 01:03:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/01/17 01:03:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/01/17 01:03:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/01/17 01:03:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/01/17 01:03:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/17 01:03:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/01/17 01:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/01/17 01:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/01/17 01:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/01/17 01:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/01/17 01:03:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/01/17 01:03:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013/01/16 22:42:42 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center [2013/01/16 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows [2013/01/16 20:20:31 | 000,000,000 | ---D | C] -- C:\Users\Dell\AppData\Local\Programs [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dell\AppData\Local\*.tmp files -> C:\Users\Dell\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/04/13 21:05:17 | 000,000,135 | ---- | M] () -- C:\Windows\AutoKMS.ini [2013/04/13 16:47:44 | 000,001,678 | ---- | M] () -- C:\Users\Dell\Documents\cc_20130413_164740.reg [2013/04/13 11:12:44 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013/04/13 11:12:44 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013/04/13 11:12:44 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013/04/13 11:12:44 | 001,123,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013/04/13 11:12:44 | 001,048,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013/04/13 11:12:44 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013/04/13 11:12:44 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013/04/13 11:12:44 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013/04/13 11:12:44 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013/04/13 11:12:44 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013/04/13 11:12:44 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013/04/13 11:12:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013/04/13 11:12:44 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013/04/13 11:12:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013/04/13 11:12:44 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013/04/13 11:12:44 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013/04/13 11:12:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013/04/13 11:12:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013/04/13 11:12:44 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013/04/13 11:12:44 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013/04/13 11:12:44 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013/04/13 11:12:08 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013/02/08 19:59:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/08 19:33:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001UA.job [2013/02/08 19:32:12 | 000,014,022 | ---- | M] () -- C:\Users\Dell\Desktop\attach.zip [2013/02/08 19:13:34 | 000,002,042 | ---- | M] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2013/02/08 19:00:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/08 18:56:24 | 000,045,270 | ---- | M] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat [2013/02/08 17:52:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001UA.job [2013/02/08 17:48:32 | 000,022,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/08 17:48:32 | 000,022,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/08 15:48:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/08 15:47:33 | 000,000,198 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013/02/08 15:47:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/08 15:47:29 | 2074,480,639 | -HS- | M] () -- C:\hiberfil.sys [2013/02/08 09:33:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001Core.job [2013/02/08 09:11:02 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/02/08 09:11:02 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/02/08 09:11:02 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/02/07 14:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314255665-2411048613-93734686-1001Core.job [2013/01/31 20:09:58 | 868,940,407 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/01/30 12:35:46 | 000,193,687 | ---- | M] () -- C:\Users\Dell\Desktop\Permohonan Berjaya.pdf [2013/01/27 22:21:10 | 000,365,568 | ---- | M] () -- C:\Users\Dell\Desktop\gmer.exe [2013/01/17 14:25:35 | 000,000,965 | ---- | M] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/01/17 14:25:35 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2013/01/17 11:09:32 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/01/17 11:09:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/01/17 03:26:38 | 000,532,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/01/16 20:15:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/01/14 11:25:31 | 000,000,600 | ---- | M] () -- C:\Users\Dell\PUTTY.RND [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Dell\AppData\Local\*.tmp files -> C:\Users\Dell\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/04/13 21:05:17 | 000,000,198 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2013/04/13 21:05:17 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini [2013/04/13 16:47:42 | 000,001,678 | ---- | C] () -- C:\Users\Dell\Documents\cc_20130413_164740.reg [2013/02/08 19:32:12 | 000,014,022 | ---- | C] () -- C:\Users\Dell\Desktop\attach.zip [2013/02/08 19:16:25 | 000,365,568 | ---- | C] () -- C:\Users\Dell\Desktop\gmer.exe [2013/01/31 20:09:58 | 868,940,407 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013/01/30 12:35:45 | 000,193,687 | ---- | C] () -- C:\Users\Dell\Desktop\Permohonan Berjaya.pdf [2013/01/17 14:25:35 | 000,000,965 | ---- | C] () -- C:\Users\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/01/17 14:25:35 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012/10/16 03:03:38 | 000,000,600 | ---- | C] () -- C:\Users\Dell\PUTTY.RND [2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012/05/15 22:25:57 | 000,014,848 | ---- | C] () -- C:\Users\Dell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/04/08 01:26:42 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll [2012/01/04 21:59:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/01/04 08:43:35 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2011/12/29 11:42:57 | 000,000,000 | ---- | C] () -- C:\Users\Dell\AppData\Local\{0D466602-490D-4B5D-BDFB-28A517FC7FCF} [2011/12/04 15:38:31 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/12/04 15:38:31 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/12/04 15:38:31 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/11/09 23:48:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\suppdll.dll [2011/11/09 23:48:08 | 000,035,363 | ---- | C] () -- C:\Windows\SysWow64\windrvNT.sys [2011/11/09 19:05:46 | 002,212,096 | ---- | C] () -- C:\Windows\wweb32.dll [2011/11/08 08:37:29 | 000,000,000 | ---- | C] () -- C:\Users\Dell\AppData\Local\{9A18882D-D8A9-4C1E-9239-06BDD4820DC2} [2011/10/28 03:32:24 | 000,197,728 | ---- | C] () -- C:\Windows\WinVd32.sys [2011/10/28 03:32:21 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\WinFLsrv.exe [2011/10/27 16:38:05 | 000,059,663 | ---- | C] () -- C:\Windows\War3Unin.dat [2011/10/27 13:22:48 | 000,045,270 | ---- | C] () -- C:\Users\Dell\AppData\Roaming\room_v3.dat [2011/10/20 14:05:04 | 000,012,800 | ---- | C] () -- C:\Windows\DCEBoot64.exe [2011/10/20 13:36:29 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/03/15 07:19:46 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/03/15 07:19:46 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/03/15 07:19:45 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/03/15 07:19:21 | 000,000,096 | ---- | C] () -- C:\Windows\LaunApp.ini [2011/03/15 07:19:19 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini [2011/03/15 07:19:19 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini [2011/03/15 07:19:19 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini [2011/03/15 07:19:19 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini [2011/03/15 07:19:19 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini [2011/03/15 07:19:19 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini [2011/03/15 04:49:24 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll [2011/03/15 04:43:07 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll ========== ZeroAccess Check ========== [2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== ========== Purity Check ========== ========== Custom Scans ========== ========== Drive Information ========== Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: IDE Media Type: Fixed hard disk media Model: SAMSUNG HM500JJ Partitions: 4 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Unknown Bootable: False BootPartition: False PrimaryPartition: True Size: 100.00MB Starting Offset: 1048576 Hidden sectors: 0 DeviceID: Disk #0, Partition #1 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 15.00GB Starting Offset: 105906176 Hidden sectors: 0 DeviceID: Disk #0, Partition #2 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 227.00GB Starting Offset: 15834546176 Hidden sectors: 0 DeviceID: Disk #0, Partition #3 PartitionType: Extended w/Extended Int 13 Bootable: False BootPartition: False PrimaryPartition: False Size: 224.00GB Starting Offset: 259601203200 Hidden sectors: 0
-
@KenB The scanners are Avast, MBAM and SUPERAntiSpyware (in that order). Avast detect 1 malware, Next MBAM detect none, and SUPERAntiSpyware detect about 73 stuff. i copied the log in the post above.
-
The scanner that detected those is SUPERAntiSpyware. mainly minor cookies i think. Here is the log: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/05/2013 at 03:53 PM Application Version : 5.6.1014 Core Rules Database Version : 9970 Trace Rules Database Version: 7782 Scan type : Complete Scan Total Scan Time : 00:41:43 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 421 Memory threats detected : 0 Registry items scanned : 80079 Registry threats detected : 0 File items scanned : 71948 File threats detected : 73 Adware.Tracking Cookie C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Cookies\KP2EESK1.txt [ /flagcounter.com ] C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Cookies\LNV6A912.txt [ /atdmt.com ] C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Cookies\7NJHU3WV.txt [ /server.cpmstar.com ] http://www.presentermedia.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .presentermedia.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .presentermedia.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .presentermedia.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .flagcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .dmtracker.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] insight.torbit.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yadro.ru [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .premiumtv.122.2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] wstat.wibiya.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] m1.webstats.motigo.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] a.6164.v10.altmedia.my [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .altmedia.122.2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracker.digitalfive.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracker.digitalfive.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tracker.digitalfive.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediafire.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] uk.sitestat.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] uk.sitestat.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] statse.webtrendslive.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .gostats.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .gostats.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tns-counter.ru [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediafire.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediafire.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediafire.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] loader.altmedia.my [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .flagcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.complex.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.complex.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.complex.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.slashgear.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.slashgear.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.slashgear.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.slashgear.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.slashgear.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hearstmagazines.112.2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.gigcount.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] counters.gigya.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .flagcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .flagcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .microsoftsto.112.2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .flagcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .123count.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .123count.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .123count.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .statcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .statcounter.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] c0.histats.12mlbe.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .singaporetourismboard.122.2o7.net [ C:\USERS\DELL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
-
Here we goes: Malwarebytes Anti-Malware 1.70.0.1100 http://www.malwarebytes.org Database version: v2013.02.05.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16439 Dell :: DELL-PC [administrator] 5/2/2013 3:54:37 PM mbam-log-2013-02-05 (15-54-37).txt Scan type: Full scan (C:\|E:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 554950 Time elapsed: 1 hour(s), 16 minute(s), 11 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
-
Hello~ Recently my laptop is so fail. It used to run very smoothly. 1) Long ago i updated my bluetooth adapter driver, and the caused malfunction. I downloaded the driver from Dell Support website (apparently there are 3 under 'Network', and i get a lucky shot) and the bluetooth is fucntioning once again. however i checked through the device manager and found '!' marks on Bluetooth Peripheral Device. something is not right... 2) Recent windows update (automatically) has failed to install over and over again, hence prompting to redownload the same update every time i turn on the laptop. Specifically, its is 'security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: January 8, 2013 (KB2742595)'.. There is another update coming (also tagged as Important) but come to fail as well. So currently there is 2 pending updates... 3) While im having these problem, the boot time has increases noticeably. Long black screen appears before the login page turn up. Some says this is related to device/driver error. im not sure myself. 4) Very recently i have my Avast Antivirus not working (turned off) and every time i ask it to turn on or resume, nothing happens. It remain not-functioning and so, i uninstall Avast and adopt AVG Antivirus. i think this is around when i was installing the bluetooth driver from Dell. it works though! but the '!' mark persist. 5) Before my Avast failed, i did scan my laptop for virus/malwares in safe mode. Using Avast, SUPERSpyware and Malwarebyte, i managed to remove a few of them but the cleaning has done nothing good to the problem. and by the way before that, i also performed clean boot (msconfig, hiding all Microsoft services, bla3) as stated in the following link: http://support.microsoft.com/kb/929135 So these are the things that has changed my super cool laptop in to something else. The speed is also noticeably slower than usual.. especially when doing too many stuff like gaming and all. Here are the specs: [TABLE=width: 100%] [TR=bgcolor: #F0F0F0] [TD]Name[/TD] [TD]Windows 7 Home Premium x64 Service Pack 1[/TD] [/TR] [TR] [TD]Features[/TD] [TD]Terminal Services in Remote Admin Mode, 64 Bit Edition, Media Center Edition, Multiprocessor Free, OEM-Version[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]SKU[/TD] [TD]Home Basic Premium Edition[/TD] [/TR] [TR] [TD]Activation Status[/TD] [TD]Activated[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Checked Build[/TD] [TD]No[/TD] [/TR] [TR] [TD]UAC Enabled[/TD] [TD]Yes[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Boot Device[/TD] [TD]\Device\HarddiskVolume2[/TD] [/TR] [TR] [TD]System Device[/TD] [TD]\Device\HarddiskVolume3[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Kernel Version[/TD] [TD]6.1.7601.17944[/TD] [/TR] [TR] [TD]Security[/TD] [TD]256 bits[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Product Name[/TD] [TD]Windows 7 Home Premium[/TD] [/TR] [TR] [TD]Build Lab[/TD] [TD]7601.win7sp1_gdr.120830-0333[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD] [/TD] [TD] [/TD] [/TR] [TR] [TD]License Status[/TD] [TD]Licensed (Windows Operating System - Windows® 7, OEM_SLP channel)[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Hardware DEP Available[/TD] [TD]Yes[/TD] [/TR] [TR] [TD]DEP for 32 Bits Applications[/TD] [TD]Yes[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]DEP for Drivers[/TD] [TD]Yes[/TD] [/TR] [TR] [TD]DEP Policy[/TD] [TD]OptIn (only Windows system binaries)[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Windows Update's version number[/TD] [TD]7.6.7600.256[/TD] [/TR] [TR] [TD]Owner[/TD] [TD]Dell[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD] [/TD] [TD] [/TD] [/TR] [TR] [TD] [/TD] [TD] [/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Restore Points[/TD] [TD] [/TD] [/TR] [TR] [TD]Installed AVG 2013[/TD] [TD]2013-02-06 13:24:51[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Installed AVG 2013[/TD] [TD]2013-02-06 13:25:39[/TD] [/TR] [TR] [TD]Windows Update[/TD] [TD]2013-02-06 15:06:37[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Windows Update[/TD] [TD]2013-02-06 19:00:26[/TD] [/TR] [TR] [TD]Windows Update[/TD] [TD]2013-02-06 19:28:51[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Windows Update[/TD] [TD]2013-02-07 19:00:10[/TD] [/TR] [TR] [TD]Windows Update[/TD] [TD]2013-02-08 01:35:14[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Windows Update[/TD] [TD]2013-02-08 07:59:13[/TD] [/TR] [TR] [TD]Windows Update[/TD] [TD]2013-02-08 08:00:07[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD] [/TD] [TD] [/TD] [/TR] [TR] [TD]User Name[/TD] [TD]Dell[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Workgroup[/TD] [TD]WORKGROUP[/TD] [/TR] [TR] [TD]Computer Name[/TD] [TD]DELL-PC[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Language[/TD] [TD]English (Malaysia)[/TD] [/TR] [TR] [TD]Installation Time[/TD] [TD]2011-10-20 13:26:53[/TD] [/TR] [TR=bgcolor: #F0F0F0] [TD]Boot Time[/TD] [TD]2013-02-08 15:45:18[/TD] [/TR] [TR] [TD]Up Time[/TD] [TD]1 Hour 58 Minutes 41 seconds[/TD] [/TR] [/TABLE] Pls help me. i want my old super cool laptop back!