Slow Laptop

[himecakie]

My laptop all of a sudden is running really slow, its been quite recent but it won't run fast again. I bought my laptop less than a month ago and started running slow like a week now.

 

The specs on my pc are dual core i5, 8GB ram, Nvidia geforce GT 630m, 1000GB hard drive.

 

Please help, I just can't seem to find anything to fix my pc. I've run disk clean up, defrag, used msconfig. Nothing works. When I turn on my pc, window loads really slow, and anything i open, it takes a while also, or even switching using alt tab etc.

[Plastic Nev]

Hi and welcome to Extreme Tech Support - Free PC Help,

sudden slow running can be a variety of things, but the most common is malware of some sort.

You haven't said which or what type of security you have in the way of firewall, anti-virus, or other malware protection.

Can you let us know what you do have. please.

 

To make a start in that area, please download, update, then run a scan with Malwarebytes, download the free version from here=

 

http://www.malwarebytes.org/

 

Just click on the white "Download Now" button, that sends you to a mirror site, that is normal.

download from that site the Malwarebytes program, not any other buttons on that page.

 

Once you have installed it, click the update to get the latest version, and run a scan. When it has finished it opens notepad with a log of what it found, please copy and paste that into your next reply.

 

Nev.

[himecakie]

Hi sorry, I already have malwarebyte, and I scanned my PC, nothing came up, I also have Microsoft security essentials and ccleaner for registry. I already done all of them but laptop is still running slow.

[Starbuck]

Let's see if OTL can throw any light on this:

 

• Download OTL to your desktop.
  right click on the link and select 'Save Link/Target As'.
   
  if you have problems, try this download link:
  OTL
  
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• When the window appears, underneath Output at the top change it to Minimal Output.
  
• Check the boxes beside LOP Check and Purity Check

.

 

.

http://img.photobucket.com/albums/v708/starbuck50/new/Otllatest.png

 

Now copy the lines in bold below.

 

netsvcs

msconfig

%SYSTEMDRIVE%\*.*

%systemroot%\system32\Spool\prtprocs\w32x86\*.dll

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\system32\*.exe /lockedfiles

%systemroot%\System32\config\*.sav

%PROGRAMFILES%\*

%USERPROFILE%\..|smtmp;true;true;true /FP

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

hklm\software\clients\startmenuinternet|command /rs

hklm\software\clients\startmenuinternet|command /64 /rs

CREATERESTOREPOINT

 

• right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
   
  http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png
  .
  
• Click the Run Scan button.
   
  http://img.photobucket.com/albums/v708/starbuck50/runscan.png
   
  
• Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

 

Thanks

[himecakie]

OTL.Txt

 

OTL logfile created on: 17/2/2012 22:36:55 - Run 1

OTL by OldTimer - Version 3.2.32.0 Folder = C:\Users\User\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000C04 | Country: Hong Kong S.A.R. | Language: ZHH | Date Format: d/M/yyyy

 

6.36 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 72.65% Memory free

12.71 Gb Paging File | 10.93 Gb Available in Paging File | 85.94% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 456.45 Gb Total Space | 381.99 Gb Free Space | 83.69% Space Free | Partition Type: NTFS

Drive D: | 456.96 Gb Total Space | 456.86 Gb Free Space | 99.98% Space Free | Partition Type: NTFS

 

Computer Name: USER-PC | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink Corp.)

PRC - C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe ()

PRC - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll ()

MOD - C:\Users\User\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll ()

MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()

MOD - C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll ()

MOD - C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe ()

MOD - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)

SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)

SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SRV:64bit: - (Live Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)

SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)

SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)

SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)

SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)

SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)

DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)

DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)

DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)

DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)

DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)

DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)

DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)

DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)

DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)

DRV:64bit: - (k57nd60a) Broadcom NetLink -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)

DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)

DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)

DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (MEIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

 

 

[2012/02/17 21:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\extensions

[2012/02/17 21:33:46 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\

CHR - Extension: Google Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\

CHR - Extension: DealPly = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\

CHR - Extension: Cath Kidston = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm\3_0\

CHR - Extension: uTorrentControl2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.3.3_0\

CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C141DF9-08FE-4FBB-A6D0-5DCB114C4660}: DhcpNameServer = 194.168.4.100 194.168.8.100

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74A358C4-170F-478C-B4A1-294AB47C3D6C}: DhcpNameServer = 172.30.139.17 172.30.139.17

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9E68A21-BC2F-4966-AA98-B7A131E87E55}: DhcpNameServer = 194.168.4.100 194.168.8.100

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: ArcadeMovieService - hkey= - key= - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)

MsConfig:64bit - StartUpReg: AthBtTray - hkey= - key= - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)

MsConfig:64bit - StartUpReg: AtherosBtStack - hkey= - key= - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)

MsConfig:64bit - StartUpReg: BackupManagerTray - hkey= - key= - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)

MsConfig:64bit - StartUpReg: Dolby Advanced Audio v2 - hkey= - key= - C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)

MsConfig:64bit - StartUpReg: EA Core - hkey= - key= - C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)

MsConfig:64bit - StartUpReg: ETDCtrl - hkey= - key= - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

MsConfig:64bit - StartUpReg: IntelTBRunOnce - hkey= - key= - C:\Windows\SysNative\wscript.exe (Microsoft Corporation)

MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: LManager - hkey= - key= - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

MsConfig:64bit - StartUpReg: Norton Online Backup - hkey= - key= - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)

MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

MsConfig:64bit - StartUpReg: Power Management - hkey= - key= - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

MsConfig:64bit - StartUpReg: RtHDVBg_Dolby - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

MsConfig:64bit - State: "services" - Reg Error: Key error.

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/02/17 22:25:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Adobe

[2012/02/17 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\sims 3 crack

[2012/02/17 22:05:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\WinZip

[2012/02/17 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla

[2012/02/17 21:33:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit

[2012/02/17 21:33:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Conduit

[2012/02/17 21:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2

[2012/02/17 21:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent

[2012/02/17 21:30:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\uTorrent

[2012/02/17 20:50:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\CrashDumps

[2012/02/17 19:38:18 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\the sims 3 late night

[2012/02/17 17:39:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2011

[2012/02/17 17:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools 2011

[2012/02/17 17:34:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes

[2012/02/17 17:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/02/17 17:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/02/17 17:34:32 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/02/17 17:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/02/17 17:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

[2012/02/17 17:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip

[2012/02/17 17:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip

[2012/02/17 17:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite

[2012/02/17 17:18:57 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2012/02/17 17:18:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2012/02/17 17:18:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite

[2012/02/17 17:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2012/02/17 17:17:46 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012/02/07 20:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache

[2012/02/07 18:10:40 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ccleaner registry

[2012/02/07 09:36:12 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Electronic Arts

[2012/02/07 09:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts

[2012/02/07 09:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE

[2012/02/07 09:01:41 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2012/02/07 09:01:41 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2012/02/07 08:45:29 | 005,044,064 | ---- | C] (Electronic Arts, Inc.) -- C:\Users\User\Desktop\TSLHost.dll

[2012/02/07 08:40:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts

[2012/02/07 07:55:45 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\music

[2012/02/07 07:49:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat

[2012/02/07 07:49:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat

[2012/02/07 07:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2012/02/07 05:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2012/02/07 05:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2012/02/07 05:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly

[2012/02/07 05:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly

[2012/02/07 05:07:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Apple Computer

[2012/02/07 05:07:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple Computer

[2012/02/07 05:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/02/07 05:07:12 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll

[2012/02/07 05:07:12 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll

[2012/02/07 05:07:12 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys

[2012/02/07 05:07:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2012/02/07 05:06:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012/02/07 05:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012/02/07 05:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012/02/07 05:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2012/02/07 05:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2012/02/07 05:05:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple

[2012/02/07 05:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2012/02/07 05:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2012/02/07 05:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2012/02/07 05:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2012/02/07 05:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2012/02/07 05:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2012/02/07 04:21:11 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/02/07 04:21:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/02/07 04:21:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/02/07 04:21:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/02/07 04:21:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/02/07 04:21:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/02/07 04:21:04 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/02/07 04:21:04 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/02/07 04:21:04 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/02/07 04:21:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/02/07 04:21:02 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/02/06 17:22:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

[2012/02/06 17:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

[2012/02/06 17:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam

[2012/02/06 17:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam

[2012/02/06 15:11:10 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe

[2012/02/06 15:11:10 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[2012/02/06 15:11:09 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2012/02/06 15:11:08 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2012/02/06 15:11:08 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

[2012/02/06 15:11:08 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll

[2012/02/06 15:11:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2012/02/06 15:11:03 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll

[2012/02/06 15:11:03 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2012/02/06 15:11:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2012/02/06 15:11:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll

[2012/02/06 15:11:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll

[2012/02/06 15:11:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll

[2012/02/06 15:11:00 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2012/02/06 15:11:00 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2012/02/06 15:10:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll

[2012/02/06 15:10:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll

[2012/02/06 15:10:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax

[2012/02/06 15:10:57 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax

[2012/02/06 15:10:28 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2012/02/06 15:10:28 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll

[2012/02/06 15:10:26 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2012/02/06 15:10:26 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2012/02/06 15:10:07 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll

[2012/02/06 15:10:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll

[2012/02/06 15:10:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll

[2012/02/06 15:02:53 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2012/02/05 23:11:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012/02/05 23:07:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Google

[2012/02/05 23:07:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Deployment

[2012/02/05 23:07:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apps

[2012/02/05 06:27:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft Games

[2012/02/05 04:31:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\sociology

[2012/02/04 11:01:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Adobe

[2012/02/04 00:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications

[2012/02/03 23:44:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Skype

[2012/02/03 22:49:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Diagnostics

[2012/02/03 06:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2012/02/03 06:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2012/02/03 06:44:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\SoftGrid Client

[2012/02/03 06:44:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\SoftGrid Client

[2012/02/03 06:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)

[2012/02/03 06:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2012/02/03 06:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2012/02/03 06:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client

[2012/02/03 06:43:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TP

[2012/02/03 06:42:21 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

[2012/02/03 06:42:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\BMExplorer

[2012/02/03 06:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\clear.fi

[2012/02/03 06:18:11 | 000,000,000 | -H-D | C] -- C:\book

[2012/02/03 06:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem

[2012/02/03 06:14:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Screensaver

[2012/02/03 06:14:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Atheros

[2012/02/03 06:13:48 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/02/03 06:13:48 | 000,000,000 | R--D | C] -- C:\Users\User\Searches

[2012/02/03 06:13:48 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/02/03 06:13:47 | 000,000,000 | -H-D | C] -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/02/03 06:13:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Identities

[2012/02/03 06:13:38 | 000,000,000 | R--D | C] -- C:\Users\User\Contacts

[2012/02/03 06:11:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\CyberLink

[2012/02/03 06:11:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Acer

[2012/02/03 06:11:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PowerCinema

[2012/02/03 06:11:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VirtualStore

[2012/02/03 06:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection

[2012/02/03 06:10:52 | 000,000,000 | --SD | C] -- C:\Users\User\AppData\Roaming\Microsoft

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Videos

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Saved Games

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Music

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Links

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Downloads

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Documents

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\Desktop

[2012/02/03 06:10:52 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Temporary Internet Files

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Templates

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Start Menu

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\PrintHood

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\NetHood

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Videos

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Pictures

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\My Music

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\My Documents

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Local Settings

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\History

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\Application Data

[2012/02/03 06:10:52 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Application Data

[2012/02/03 06:10:52 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData

[2012/02/03 06:10:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp

[2012/02/03 06:10:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft

[2012/02/03 06:10:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Media Center Programs

[2012/02/03 06:10:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Macromedia

[2012/02/03 06:09:21 | 000,000,000 | -HSD | C] -- C:\Recovery

 

========== Files - Modified Within 30 Days ==========

 

[2012/02/17 22:12:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935956619-3466572111-3672290499-1001UA.job

[2012/02/17 21:32:15 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2012/02/17 20:09:30 | 000,730,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/02/17 20:09:30 | 000,618,552 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/02/17 20:09:30 | 000,107,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/02/17 20:02:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/02/17 19:50:40 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/02/17 19:50:40 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/02/17 19:42:40 | 824,594,431 | -HS- | M] () -- C:\hiberfil.sys

[2012/02/17 17:39:35 | 000,000,022 | -HS- | M] () -- C:\Windows\System5537 Data.Repository

[2012/02/17 17:39:35 | 000,000,022 | -HS- | M] () -- C:\Users\User\AppData\Roaming\Sys2662.Config.Repository.bin

[2012/02/17 17:39:26 | 000,001,897 | ---- | M] () -- C:\Users\User\Desktop\jv16 PowerTools 2011.lnk

[2012/02/17 17:34:39 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/02/17 17:29:51 | 000,007,605 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg

[2012/02/17 17:20:26 | 000,002,251 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk

[2012/02/17 17:19:31 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

[2012/02/17 17:18:57 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys

[2012/02/17 17:10:19 | 000,000,370 | ---- | M] () -- C:\Windows\wininit.ini

[2012/02/10 08:25:31 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935956619-3466572111-3672290499-1001Core.job

[2012/02/08 17:36:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf

[2012/02/08 17:20:40 | 000,282,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/02/07 20:29:15 | 000,002,543 | ---- | M] () -- C:\Users\User\Desktop\Microsoft PowerPoint Viewer .lnk

[2012/02/07 09:01:33 | 000,002,080 | ---- | M] () -- C:\Users\Public\Desktop\The Sims3.lnk

[2012/02/07 05:19:41 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012/02/07 05:07:15 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/02/07 04:24:40 | 001,671,254 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/02/06 17:29:58 | 000,000,219 | ---- | M] () -- C:\Users\User\Desktop\Alien Swarm.url

[2012/02/06 17:22:38 | 000,000,219 | ---- | M] () -- C:\Users\User\Desktop\Left 4 Dead 2.url

[2012/02/06 17:04:34 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2012/02/05 23:11:13 | 000,002,277 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk

[2012/02/05 05:32:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/02/03 23:44:36 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2012/02/03 22:08:54 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

[2012/02/03 22:08:54 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[2012/02/03 06:48:14 | 000,001,445 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/02/03 06:48:05 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2012/02/03 06:45:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/02/03 06:43:59 | 000,002,465 | ---- | M] () -- C:\Users\User\Desktop\Microsoft Word Starter 2010.lnk

[2012/02/03 06:13:52 | 000,000,847 | ---- | M] () -- C:\Users\User\Desktop\Downloads.lnk

 

========== Files Created - No Company Name ==========

 

[2012/02/17 21:30:57 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2012/02/17 17:39:35 | 000,000,022 | -HS- | C] () -- C:\Windows\System5537 Data.Repository

[2012/02/17 17:39:35 | 000,000,022 | -HS- | C] () -- C:\Users\User\AppData\Roaming\Sys2662.Config.Repository.bin

[2012/02/17 17:39:26 | 000,001,897 | ---- | C] () -- C:\Users\User\Desktop\jv16 PowerTools 2011.lnk

[2012/02/17 17:34:39 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/02/17 17:29:51 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg

[2012/02/17 17:20:26 | 000,002,251 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk

[2012/02/17 17:19:29 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk

[2012/02/08 17:36:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf

[2012/02/07 20:29:15 | 000,002,543 | ---- | C] () -- C:\Users\User\Desktop\Microsoft PowerPoint Viewer .lnk

[2012/02/07 09:33:38 | 000,000,370 | ---- | C] () -- C:\Windows\wininit.ini

[2012/02/07 09:26:39 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk

[2012/02/07 09:01:33 | 000,002,080 | ---- | C] () -- C:\Users\Public\Desktop\The Sims3.lnk

[2012/02/07 08:45:20 | 000,030,048 | ---- | C] () -- C:\Users\User\Desktop\TS3.exe

[2012/02/07 06:39:41 | 000,001,290 | ---- | C] () -- C:\Users\User\Desktop\dfrgui.lnk

[2012/02/07 05:19:41 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012/02/07 05:07:15 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012/02/07 05:05:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2012/02/06 17:29:58 | 000,000,219 | ---- | C] () -- C:\Users\User\Desktop\Alien Swarm.url

[2012/02/06 17:22:38 | 000,000,219 | ---- | C] () -- C:\Users\User\Desktop\Left 4 Dead 2.url

[2012/02/06 17:04:34 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2012/02/05 23:11:13 | 000,002,277 | ---- | C] () -- C:\Users\User\Desktop\Google Chrome.lnk

[2012/02/05 23:07:47 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935956619-3466572111-3672290499-1001UA.job

[2012/02/05 23:07:47 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935956619-3466572111-3672290499-1001Core.job

[2012/02/05 05:32:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/02/04 00:26:05 | 000,002,465 | ---- | C] () -- C:\Users\User\Desktop\Microsoft Word Starter 2010.lnk

[2012/02/03 06:48:14 | 000,001,445 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/02/03 06:48:05 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif

[2012/02/03 06:47:34 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2012/02/03 06:45:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/02/03 06:43:40 | 001,671,254 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/02/03 06:13:52 | 000,001,417 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2012/02/03 06:13:49 | 000,001,451 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/02/03 06:13:48 | 000,000,847 | ---- | C] () -- C:\Users\User\Desktop\Downloads.lnk

[2012/02/03 06:10:52 | 000,000,290 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/02/03 06:10:52 | 000,000,272 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2011/10/14 15:38:07 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011/10/14 15:38:06 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011/10/14 15:38:04 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2011/10/14 15:38:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011/10/14 15:38:00 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[2009/07/14 05:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 02:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 02:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 00:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 

========== LOP Check ==========

 

[2012/02/17 20:04:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite

[2012/02/03 06:14:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Screensaver

[2012/02/17 19:40:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SoftGrid Client

[2012/02/03 06:44:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TP

[2012/02/17 22:31:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent

[2009/07/14 05:08:49 | 000,009,782 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2011/10/14 15:42:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2012/02/17 19:42:40 | 824,594,431 | -HS- | M] () -- C:\hiberfil.sys

[2012/02/17 19:42:45 | 2531,115,007 | -HS- | M] () -- C:\pagefile.sys

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %PROGRAMFILES%\* >

[2009/07/14 04:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/09/21 09:28:12 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/09/21 09:28:12 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/09/21 09:28:12 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/09/21 09:28:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/09/21 09:28:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/01/20 05:35:36 | 001,047,024 | ---- | M] (Google Inc.)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/09/21 09:28:11 | 000,089,088 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/09/21 09:28:11 | 000,089,088 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/09/21 09:28:11 | 000,089,088 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/09/21 09:28:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/09/21 09:28:13 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

[himecakie]

Extras.txt

 

OTL Extras logfile created on: 17/2/2012 22:36:55 - Run 1

OTL by OldTimer - Version 3.2.32.0 Folder = C:\Users\User\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000C04 | Country: Hong Kong S.A.R. | Language: ZHH | Date Format: d/M/yyyy

 

6.36 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 72.65% Memory free

12.71 Gb Paging File | 10.93 Gb Available in Paging File | 85.94% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 456.45 Gb Total Space | 381.99 Gb Free Space | 83.69% Space Free | Partition Type: NTFS

Drive D: | 456.96 Gb Total Space | 456.86 Gb Free Space | 99.98% Space Free | Partition Type: NTFS

 

Computer Name: USER-PC | User Name: User | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources

"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)

"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client

"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer

"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0

"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"CCleaner" = CCleaner

"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Security Client" = Microsoft Security Essentials

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam

"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3

"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = clear.fi

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi

"{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}" = Evernote v. 4.5.1

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger

"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup

"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client

"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims?3 Late Night

"{4C774C35-E0AF-72E1-136A-2BF666702268}" = Fooz Kids

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh

"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}" = Fooz Kids Platform

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2

"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims?3

"{C28D96C0-6A90-459E-A077-A6706F4EC0FC}" = Bing Bar

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}" = WinZip 15.5

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack

"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"DAEMON Tools Lite" = DAEMON Tools Lite

"DealPly" = DealPly

"EADM" = EA Download Manager

"FoozKids" = Fooz Kids

"Identity Card" = Identity Card

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam

"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi

"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso

"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"Steam App 550" = Left 4 Dead 2

"Steam App 630" = Alien Swarm

"uTorrent" = µTorrent

"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar

"WinLiveSuite" = Windows Live 程式集

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 3/2/2012 2:40:16 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 3/2/2012 2:43:52 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 3/2/2012 18:19:38 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 3/2/2012 20:29:42 | Computer Name = User-PC | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):

DownloadLatest Failed:

 

Error - 4/2/2012 6:08:44 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 4/2/2012 6:18:49 | Computer Name = User-PC | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):

DownloadLatest Failed:

 

Error - 4/2/2012 23:44:36 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 4/2/2012 23:50:50 | Computer Name = User-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 5/2/2012 0:00:53 | Computer Name = User-PC | Source = CVHSVC | ID = 100

Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):

DownloadLatest Failed:

 

[ System Events ]

Error - 6/2/2012 10:52:47 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:47 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:47 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:47 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:47 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:48 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:48 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:48 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:48 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

Error - 6/2/2012 10:52:48 | Computer Name = User-PC | Source = Microsoft Antimalware | ID = 2001

Description = %%860 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 0.0.0.0 Update Source: %%851 Update Stage: %%852

 

 

Source

Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

 

 

Signature

Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:

Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server

name or address could not be resolved

 

 

< End of report >

[Starbuck]

Download CKScanner

 

Important - Save it to your desktop.

Doubleclick CKScanner.exe and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file has been saved.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

[himecakie]

CKScanner - Additional Security Risks - These are not necessarily bad

c:\users\user\desktop\sims 3 crack\# installation guide.pdf

c:\users\user\desktop\sims 3 crack\ambitions\ts3ep02.exe

c:\users\user\desktop\sims 3 crack\ambitions\tslhost.dll

c:\users\user\desktop\sims 3 crack\base game\ts3.exe

c:\users\user\desktop\sims 3 crack\base game\tslhost.dll

c:\users\user\desktop\sims 3 crack\fast lane stuff\ts3sp02.exe

c:\users\user\desktop\sims 3 crack\fast lane stuff\tslhost.dll

c:\users\user\desktop\sims 3 crack\high end loft stuff\ts3sp01.exe

c:\users\user\desktop\sims 3 crack\high end loft stuff\tslhost.dll

c:\users\user\desktop\sims 3 crack\master suite stuff & pets & town life stuff & generations\ts3w.exe

c:\users\user\desktop\sims 3 crack\master suite stuff & pets & town life stuff & generations\tslhost.dll

c:\users\user\desktop\sims 3 crack\outdoor living stuff\ts3sp03.exe

c:\users\user\desktop\sims 3 crack\outdoor living stuff\tslhost.dll

c:\users\user\desktop\sims 3 crack\world adventures\ts3ep01.exe

c:\users\user\desktop\sims 3 crack\world adventures\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\1. late night\ts3ep03.exe

c:\users\user\desktop\the sims 3 late night\# crack\1. late night\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\2. the sims 3\ts3.exe

c:\users\user\desktop\the sims 3 late night\# crack\2. the sims 3\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\3. world adventures\ts3ep01.exe

c:\users\user\desktop\the sims 3 late night\# crack\3. world adventures\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\4. high end loft stuff\ts3sp01.exe

c:\users\user\desktop\the sims 3 late night\# crack\4. high end loft stuff\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\5. ambitions\ts3ep02.exe

c:\users\user\desktop\the sims 3 late night\# crack\5. ambitions\tslhost.dll

c:\users\user\desktop\the sims 3 late night\# crack\6. fast lane stuff\ts3sp02.exe

c:\users\user\desktop\the sims 3 late night\# crack\6. fast lane stuff\tslhost.dll

c:\users\user\desktop\the sims 3 pet\# crack\ts3w.exe

c:\users\user\desktop\the sims 3 pet\# crack\tslhost.dll

scanner sequence 3.ZZ.11.BONAVA

----- EOF -----

 

 

 

 

 

 

 

 

-------------------------------------------------------------------------

Mind my crack, it should of been safe since I previously downloaded it on my pc before hand. Before i transferred it on to the laptop. Nothing happened to my pc or that I know of.

[Starbuck]

Mind my crack, it should of been safe since I previously downloaded it on my pc before hand

At the end of the day, Cracks and Keygens are actually illegal.

Whilst there are any on the system we are unable to help you.

Quite often Staff on these sites do work with Vendors and if we are seen to allow the use of Illegal cracks etc it doesn't look very good for us.

So our policy concerning these is that we won't offer help if we see them in reports.

If you remove them and confirm this has been done, we can continue.

 

Thanks

[Comicclock]

Most likely malware.I had the exact same issue before in my laptop and went extremely slow. I tried to use security software to check but cant remove it tho :-( So eventually I had to reinstall the Windows unfortunately. Wish I knew how to do back then :-(