
maspien

join:2011-06-12
Bellevue, NE

Computer randomly locks up or freezes. Along with additional.

Hello, my computer seems to randomly lock up and freeze from time to time. It does not always freeze hard, maybe a few seconds, and then resumes itself. I can be doing something from web browsing to playing games offline and online. Though it seems like when I play a game it will "pause", then all of a sudden try and play a quick catch-up like all the commands were queued up, online and offline.

Also I notice when I download something it will just randomly stop for anywhere from 5-10 minutes then resume back to full speed. I have tried wired and wireless connections across various networks (I do a lot of traveling), and the issue follows. It is not all the time but enough to notice.

Finally I have seen some slowdowns in general performance. Not enough to drive me up the wall; it could be age but I doubt it for some reason. I do notice when I connect to the internet it seems my computer pauses for a moment like it is linking up to something. The internet also seems to like to bog down when loading pages ever so softly. Like streaming video from YouTube/Hulu etc. Here is the post.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8020

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/25/2011 3:03:20 PM
mbam-log-2011-10-25 (15-03-20).txt

Scan type: Full scan (C:\|)
Objects scanned: 375801
Time elapsed: 7 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

maspien

join:2011-06-12
Bellevue, NE

OTL logfile created on: 10/25/2011 3:06:14 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Joshua Dunn\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.88 Gb Available Physical Memory | 64.68% Memory free
11.98 Gb Paging File | 9.71 Gb Available in Paging File | 81.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 31.69 Gb Free Space | 13.29% Space Free | Partition Type: NTFS

Computer Name: JDUNN100711 | User Name: Joshua Dunn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/10/25 15:04:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Joshua Dunn\Desktop\OTL.exe
PRC - [2011/09/29 14:20:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/17 18:03:16 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/08/03 18:46:44 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/08/03 06:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/08/02 02:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2011/04/08 12:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/04/27 16:39:38 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
PRC - [2009/04/10 19:26:08 | 002,013,184 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2009/03/24 17:54:54 | 000,029,696 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
PRC - [2009/03/18 16:56:32 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
PRC - [2008/12/24 05:26:56 | 000,053,248 | ---- | M] (Chicony) -- C:\Program Files (x86)\Chicony\GameKey\ModPS2Key.exe
PRC - [2008/12/24 05:26:56 | 000,040,960 | ---- | M] (Chicony) -- C:\Program Files (x86)\Chicony\GameKey\Driver\ZGKY.exe
PRC - [2008/12/05 16:44:28 | 000,081,920 | ---- | M] (mychat) -- C:\Program Files (x86)\BisonCam\BisonHK.exe
PRC - [2008/01/15 19:20:50 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/10/11 21:11:47 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/10/11 21:11:45 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/10/11 21:11:43 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/10/11 21:11:41 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/10/11 21:11:39 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/10/07 12:32:53 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
MOD - [2011/10/07 12:32:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86a2ec5efbcfcd1105475364d7975b15\System.ServiceProcess.ni.dll
MOD - [2011/10/07 12:32:32 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011/10/07 12:32:14 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011/10/07 12:31:57 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011/10/07 12:31:51 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011/08/17 18:03:16 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/04/10 19:26:08 | 002,013,184 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2009/01/19 20:09:10 | 000,367,144 | ---- | M] () -- C:\Windows\system\BisonC07.dll
MOD - [2008/12/03 16:12:02 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\BisonCam\KBHookDLL.dll
MOD - [2008/01/15 19:20:50 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008/01/15 19:20:46 | 000,648,488 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/06/03 05:34:24 | 000,891,392 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2011/10/18 15:25:08 | 000,014,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2011/09/29 14:20:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/03 06:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/02 14:08:43 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/03/28 14:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/24 17:54:54 | 000,029,696 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2011/09/13 18:34:01 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/20 18:02:09 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/19 11:35:00 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011/07/08 17:45:12 | 000,386,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/22 07:27:46 | 000,028,264 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ITECIRfilter.sys -- (ITECIRfilter)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/13 09:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/13 10:11:16 | 000,137,568 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/02/23 15:23:28 | 001,222,056 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BisonC07.sys -- (Cam5607)
DRV:64bit: - [2009/01/21 08:49:48 | 000,195,584 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/09/17 16:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2008/03/27 09:57:26 | 001,200,128 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:64bit: - [2007/12/07 20:12:56 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2005/03/29 03:30:38 | 000,008,192 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011/10/14 18:10:08 | 001,155,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111014.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/09/13 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111025.002\EX64.SYS -- (NAVEX15)
DRV - [2011/09/13 01:00:00 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/09/13 01:00:00 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/09/13 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20111025.002\ENG64.SYS -- (NAVENG)
DRV - [2011/09/12 06:25:02 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111022.030\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/18 16:56:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/06/19 15:34:17] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2004/06/22 17:44:50 | 000,005,632 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Entech64.sys -- (ENTECH64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.falcon-nw.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/07/29 20:04:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/09/27 22:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_2_3 [2011/10/25 14:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/10/12 11:19:54 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 ) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BisonHK] C:\Program Files (x86)\BisonCam\BisonHK.exe (mychat)
O4:64bit: - HKLM..\Run: [BisonInst0402] C:\Program Files (x86)\BisonCam\InitDriverx64.exe (Bison Inc.)
O4:64bit: - HKLM..\Run: [LchGKey] C:\Program Files (x86)\Chicony\GameKey\LchGKey.exe (CHICOY)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} »download.microsoft.com/download/···trol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} »www.nvidia.com/content/DriverDow···_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} »fpdownload2.macromedia.com/get/f···lash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EF753F9-AEC1-4F99-8601-6093179B19BD}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5611b516-da98-11e0-b499-001060976274}\Shell - "" = AutoRun
O33 - MountPoints2\{5611b516-da98-11e0-b499-001060976274}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{cdcb5bc9-85a7-11e0-9145-0090f5903376}\Shell - "" = AutoRun
O33 - MountPoints2\{cdcb5bc9-85a7-11e0-9145-0090f5903376}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{ce41b36e-87d9-11e0-b10b-0090f5903376}\Shell - "" = AutoRun
O33 - MountPoints2\{ce41b36e-87d9-11e0-b10b-0090f5903376}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/10/25 15:04:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Joshua Dunn\Desktop\OTL.exe
[2011/10/25 14:53:59 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\Malwarebytes
[2011/10/25 14:53:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/25 14:53:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/25 14:53:48 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/10/25 14:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/25 14:53:11 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Joshua Dunn\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/25 14:52:29 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{43300C96-3226-465A-B2A4-F2E77384DAE5}
[2011/10/25 14:52:16 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{0701BF93-7BEB-4089-A006-CC353A5E6798}
[2011/10/25 14:52:01 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011/10/25 14:49:19 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Joshua Dunn\Desktop\TFC.exe
[2011/10/25 14:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/10/25 14:26:19 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/25 00:27:18 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{1158617A-A06D-499F-B750-C15705038B1C}
[2011/10/25 00:27:07 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{5AF7DE4E-32BF-4941-8295-A6B1BF7C884D}
[2011/10/23 14:14:06 | 000,746,515 | ---- | C] (CheatHappens) -- C:\Users\Joshua Dunn\Desktop\ddd-maspien.exe
[2011/10/20 15:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2011/10/20 15:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2011/10/20 15:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hi-Rez Studios
[2011/10/20 15:23:03 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{975725A5-8139-4EC9-ABE0-2CE66C79B112}
[2011/10/20 15:22:51 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{8370CB0E-730B-4A5B-B350-20ACD1C0F476}
[2011/10/20 00:17:03 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\acccore
[2011/10/20 00:17:02 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\AOL
[2011/10/20 00:17:02 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\AIM
[2011/10/20 00:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/10/20 00:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/10/20 00:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2011/10/20 00:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/10/20 00:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AOL
[2011/10/18 16:52:53 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{96A36CCC-BD1E-4516-B311-ABAA0008CE80}
[2011/10/18 16:52:41 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{B11D09C8-9190-4572-BF78-EEFD91E288BA}
[2011/10/15 15:43:32 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\Documents\Agot
[2011/10/13 23:54:02 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\CCP
[2011/10/13 23:03:50 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
[2011/10/13 22:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCP
[2011/10/13 21:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\CCP
[2011/10/12 22:55:58 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\Documents\Might & Magic Heroes VI
[2011/10/12 22:45:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFT
[2011/10/12 22:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RIFT Game
[2011/10/12 22:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011/10/12 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{9EC130D8-D576-4D8B-AF5D-A7CDE7F97678}
[2011/10/12 11:19:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2011/10/12 11:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011/10/12 11:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2011/10/12 11:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2011/10/12 11:19:31 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\HpUpdate
[2011/10/12 11:19:16 | 000,361,320 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPM8e11.dll
[2011/10/12 11:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/10/12 11:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/10/12 11:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011/10/12 11:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/10/12 11:17:24 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\HP
[2011/10/11 23:31:49 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{45D463EE-7BEE-4099-B3E3-001DDB84DE16}
[2011/10/11 23:31:36 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{8987383F-98F4-4DD6-BB0C-F56B91DE9F4C}
[2011/10/11 09:30:29 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{A281A1D9-2C77-43C5-A696-9C63A2A48E4F}
[2011/10/11 09:30:18 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{AFC824B3-DAEE-4EE0-A806-743AA922130E}
[2011/10/08 21:02:56 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{FE421B45-B867-425D-930F-C4952DF0D1EC}
[2011/10/08 21:02:45 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{9C79F099-68FF-49E5-9E8C-CF30683325F9}
[2011/10/07 07:25:05 | 000,000,000 | ---D | C] -- C:\89a240e0de5e84d8e2e5
[2011/10/06 21:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black Isle
[2011/10/06 16:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/10/06 16:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/10/06 16:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/10/05 13:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011/10/05 08:29:40 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{4D9BA737-5314-42F5-AF45-7BDF9A18F3ED}
[2011/10/04 13:28:06 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{899BADDA-24F4-401E-BBD1-2BCC414E7B9F}
[2011/10/04 13:27:53 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{157643D9-0B3C-44B8-B773-135AFCA332A8}
[2011/10/04 11:00:16 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/04 11:00:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/04 11:00:14 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/04 11:00:14 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/04 11:00:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/04 11:00:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/04 11:00:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/04 11:00:12 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/04 11:00:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/04 10:55:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/10/04 10:55:53 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/10/04 10:55:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/10/04 10:55:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/10/04 10:55:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/10/04 10:55:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/10/04 10:55:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/10/04 10:55:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/10/04 10:55:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/10/04 10:55:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/10/04 10:55:17 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/10/04 10:55:17 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/10/04 10:55:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/10/04 10:55:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/10/04 10:55:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/10/04 10:55:17 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/10/04 10:55:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/10/04 10:55:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/10/04 10:55:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/10/04 10:55:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/10/04 10:55:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/10/04 10:55:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/10/04 10:55:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/10/04 10:55:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/10/04 10:55:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/10/04 10:55:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/10/04 10:55:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/10/04 10:55:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/10/04 10:55:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/10/04 10:55:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/10/04 10:55:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/10/04 10:55:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/10/04 10:55:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/10/04 10:55:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/10/04 10:55:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/10/04 10:55:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/10/04 10:55:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/10/04 10:54:43 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/10/04 10:54:43 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/10/04 10:54:43 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/09/29 14:34:09 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\PunkBuster
[2011/09/29 14:25:59 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\Documents\Battlefield 3 Open Beta
[2011/09/29 14:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/09/29 14:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/09/29 14:21:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011/09/29 13:33:32 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Roaming\Origin
[2011/09/29 13:33:27 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\Origin
[2011/09/29 13:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/09/29 13:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/09/29 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011/09/29 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/09/29 13:32:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011/09/27 22:01:56 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{016498E5-1245-4205-B8FE-7328A65F3757}
[2011/09/27 22:01:46 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{B7104937-D9FD-4959-8FAB-58DC342A764E}
[2011/09/27 01:12:35 | 000,000,000 | ---D | C] -- C:\Users\Joshua Dunn\AppData\Local\{7D9D69E9-6441-4468-A220-5A57587FE2D1}
[2011/09/26 18:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars - The Old Republic
[2011/09/26 18:36:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA

========== Files - Modified Within 30 Days ==========

[2011/10/25 15:04:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Joshua Dunn\Desktop\OTL.exe
[2011/10/25 14:59:08 | 000,724,492 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/25 14:59:08 | 000,622,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/25 14:59:08 | 000,106,490 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/25 14:59:00 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/25 14:59:00 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/25 14:53:53 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/25 14:53:27 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Joshua Dunn\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/25 14:51:55 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/10/25 14:51:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/25 14:51:42 | 529,973,247 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/25 14:49:19 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Joshua Dunn\Desktop\TFC.exe
[2011/10/25 14:26:19 | 000,003,003 | ---- | M] () -- C:\Users\Joshua Dunn\Desktop\HiJackThis.lnk
[2011/10/25 14:07:24 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011/10/23 12:13:30 | 000,746,515 | ---- | M] (CheatHappens) -- C:\Users\Joshua Dunn\Desktop\ddd-maspien.exe
[2011/10/20 15:30:06 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Command.lnk
[2011/10/20 00:17:02 | 000,000,375 | -H-- | M] () -- C:\IPH.PH
[2011/10/20 00:16:53 | 000,001,944 | ---- | M] () -- C:\Users\Joshua Dunn\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/10/20 00:16:53 | 000,001,920 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/10/15 17:21:25 | 000,270,142 | ---- | M] () -- C:\Users\Joshua Dunn\Desktop\Minecraft.exe
[2011/10/13 23:03:51 | 000,001,900 | ---- | M] () -- C:\Users\Joshua Dunn\Desktop\EVE.lnk
[2011/10/12 22:46:23 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\Play RIFT.lnk
[2011/10/08 12:51:37 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/08 12:51:37 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/08 12:44:40 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/04 13:27:55 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/29 22:21:59 | 000,000,000 | ---- | M] () -- C:\Users\Joshua Dunn\Documents\portrait-of-an-elf-female-with-tattoos-on-face-and-earring-and-necklace.pl6wfdx.partial
[2011/09/29 22:21:35 | 000,000,000 | ---- | M] () -- C:\Users\Joshua Dunn\Documents\portrait-of-an-elf-female-with-tattoos-on-face-and-earring-and-necklace.40wvcu8.partial
[2011/09/29 21:49:46 | 000,027,469 | ---- | M] () -- C:\Users\Joshua Dunn\Documents\Druid_Elf_and_Tiger_by_Maidenkitty.jpg
[2011/09/29 14:20:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/29 13:33:12 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk

========== Files Created - No Company Name ==========

[2011/10/25 14:53:53 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/25 14:26:19 | 000,003,003 | ---- | C] () -- C:\Users\Joshua Dunn\Desktop\HiJackThis.lnk
[2011/10/20 15:30:06 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Command.lnk
[2011/10/20 00:16:53 | 000,001,944 | ---- | C] () -- C:\Users\Joshua Dunn\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/10/20 00:16:53 | 000,001,920 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2011/10/20 00:16:39 | 000,000,375 | -H-- | C] () -- C:\IPH.PH
[2011/10/15 17:21:23 | 000,270,142 | ---- | C] () -- C:\Users\Joshua Dunn\Desktop\Minecraft.exe
[2011/10/13 23:03:51 | 000,001,900 | ---- | C] () -- C:\Users\Joshua Dunn\Desktop\EVE.lnk
[2011/10/12 22:46:21 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Play RIFT.lnk
[2011/10/06 16:45:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/09/29 22:21:59 | 000,000,000 | ---- | C] () -- C:\Users\Joshua Dunn\Documents\portrait-of-an-elf-female-with-tattoos-on-face-and-earring-and-necklace.pl6wfdx.partial
[2011/09/29 22:21:35 | 000,000,000 | ---- | C] () -- C:\Users\Joshua Dunn\Documents\portrait-of-an-elf-female-with-tattoos-on-face-and-earring-and-necklace.40wvcu8.partial
[2011/09/29 21:52:25 | 000,027,469 | ---- | C] () -- C:\Users\Joshua Dunn\Documents\Druid_Elf_and_Tiger_by_Maidenkitty.jpg
[2011/09/29 14:34:25 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/29 14:20:53 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/29 14:20:53 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/29 14:20:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/29 13:33:12 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/06/04 14:52:14 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/19 19:14:10 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/19 16:58:43 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/06/19 16:34:11 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini
[2009/06/19 16:34:11 | 000,000,189 | ---- | C] () -- C:\Windows\OEM.ini
[2009/06/19 14:15:48 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/08/27 12:22:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/07/29 13:52:58 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008/06/03 05:02:02 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat

========== LOP Check ==========

[2011/10/16 16:31:20 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\.minecraft
[2011/10/20 00:17:11 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\acccore
[2011/09/18 15:10:36 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\BitTorrent
[2011/06/04 16:50:26 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\DAEMON Tools Lite
[2011/09/12 16:36:05 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\FTPRush
[2011/07/18 22:57:22 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\GetRightToGo
[2011/08/20 22:00:48 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\Kalypso Media
[2011/07/02 00:25:35 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\Mumble
[2011/09/29 13:33:32 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\Origin
[2011/10/12 22:46:10 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\RIFT
[2011/07/14 18:18:14 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\The Creative Assembly
[2011/08/21 02:38:06 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\Tropico 4
[2011/08/18 18:07:57 | 000,000,000 | ---D | M] -- C:\Users\Joshua Dunn\AppData\Roaming\wargaming.net
[2011/09/27 01:12:03 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


maspien

join:2011-06-12
Bellevue, NE

reply to maspien
OTL Extras logfile created on: 10/25/2011 3:06:14 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Joshua Dunn\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 3.88 Gb Available Physical Memory | 64.68% Memory free
11.98 Gb Paging File | 9.71 Gb Available in Paging File | 81.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.47 Gb Total Space | 31.69 Gb Free Space | 13.29% Space Free | Partition Type: NTFS

Computer Name: JDUNN100711 | User Name: Joshua Dunn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13AC9B67-96DE-4DF6-9FB8-974DD24A7AD6}" = HP Photosmart Plus B210 series Basic Device Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"7C3D7B9AED2853754423059625FF478FBA0C0A75" = Windows Driver Package - Synaptics (SynTP) Mouse (12/06/2007 10.1.8.0)
"87F00D67B8F04E9B904B2503B0892139DFC57FAC" = Windows Driver Package - Synaptics (HidUsb) HIDClass (12/06/2007 10.1.8.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068B65E6-8960-4FAD-B143-126D86F228EE}" = Cisco SDM
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.6
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{344E827D-A8E8-46AA-A8AC-F7287F228A9B}" = Multimedia Keyboard Driver
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Command
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = BisonCam, NB Pro
"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AIM_7" = AIM 7
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX Setup
"ESN Sonar-0.70.0" = ESN Sonar
"EVE" = EVE Online (remove only)
"FTPRush_is1" = FTPRush v1 Unicode
"HP Photo Creations" = HP Photo Creations
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"N360" = Norton 360 Premier Edition
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Planescape Torment_is1" = Planescape Torment
"PunkBusterSvc" = PunkBuster Services
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"STANDARDR" = Microsoft Office Standard 2007
"Steam App 39200" = Dungeon Siege 2
"Steam App 40400" = AI War: Fleet Command
"Steam App 55150" = Warhammer 40,000 Space Marine
"Steam App 620" = Portal 2
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 97110" = Kohan: Immortal Sovereigns
"Steam App 97120" = Kohan: Ahriman's Gift
"Steam App 97130" = Kohan II: Kings of War
"Steam App 99100" = Dungeons & Dragons: Daggerdale
"SystemRequirementsLab" = System Requirements Lab
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Tropico 4" = Tropico 4 1.00

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

Results of screen317's Security Check version 0.99.24
Windows 7 x64 [color=red](UAC is disabled!)[/color]
Internet Explorer 9
``````````````````````````````
[u]Antivirus/Firewall Check:[/u]

Windows Firewall Enabled!
Norton 360
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u]

Malwarebytes' Anti-Malware
Java(TM) 6 Update 26
[color=red]Out of date Java installed![/color]
Adobe Reader X (10.1.1)
````````````````````````````````
Process Check:
[u]objlist.exe by Laurent[/u]

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

QuickScan Beta 32-bit v0.9.9.99
-------------------------------
Scan date: Tue Oct 25 15:23:12 2011
Machine ID: F4F420B0

No infection found.
-------------------

Processes
---------
(unsigned) HotKey 4104 C:\Program Files (x86)\Hotkey\Hotkey.exe
(unsigned) PassThruSvr Application 1488 C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(verified) hpwuSchd Application 4704 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(verified) Adobe Acrobat Update Service 1664 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(verified) Bing Bar 4756 C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(verified) Chicony HOTKEY Driver 4484 C:\Program Files (x86)\Chicony\GameKey\Driver\ZGKY.exe
(verified) cyberlink brs 3896 C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
(verified) CyberLink MediaLibray Service 4136 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(verified) DAEMON Tools Lite 3864 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(verified) DivX Update 4660 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(verified) Hotkey Driver 2512 C:\Program Files (x86)\Chicony\GameKey\ModPS2Key.exe
(verified) Java(TM) Platform SE Auto Updater 2 0 1440 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(verified) Java(TM) Platform SE Auto Updater 2 0 4240 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(verified) Malwarebytes' Anti-Malware 3792 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(verified) Malwarebytes' Anti-Malware 2124 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(verified) mychat BisonHK 3580 C:\Program Files (x86)\BisonCam\BisonHK.exe
(verified) NVIDIA Update Components 6224 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(verified) PnkBstrA.exe 2180 C:\Windows\SysWOW64\PnkBstrA.exe
(verified) PowerBiosServer 2392 C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(verified) PowerDVD 4204 C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(verified) Steam 3744 C:\Program Files (x86)\Steam\Steam.exe
(verified) Stereo Vision Control Panel API Server 768 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(verified) Symantec Security Technologies 1912 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe
(verified) Symantec Security Technologies 2640 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\ccSvcHst.exe
(verified) Windows Live Messenger 3760 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(verified) Windows® Internet Explorer 3852 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 4148 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 5368 C:\Program Files (x86)\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 5536 C:\Program Files (x86)\Internet Explorer\iexplore.exe

Network activity
----------------
Process mswinext.exe (4756) connected on port 80 (HTTP) --> 65.55.17.39
Process mswinext.exe (4756) connected on port 80 (HTTP) --> 207.46.216.54
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 74.125.227.71
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 74.125.227.71
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 69.171.229.15
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 66.235.142.20
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 91.199.104.31
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 66.235.142.20
Process iexplore.exe (5536) connected on port 80 (HTTP) --> 80.86.110.21

Autoruns and critical files
---------------------------
(unsigned) Bison Inc. Pcam C:\Program Files (x86)\BisonCam\InitDriverx64.exe

(verified) hpwuSchd Application C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(verified) Language Application C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe
(verified) Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(verified) Bing Bar C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(verified) cyberlink brs C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
(verified) CyberLink MediaLibray Service C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(verified) DAEMON Tools Lite C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(verified) DivX Update C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(verified) HD Audio Control Panel C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(verified) Java(TM) Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(verified) Launch a application. C:\Program Files (x86)\Chicony\GameKey\LchGKey.exe
(verified) Malwarebytes' Anti-Malware C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(verified) Microsoft® Windows® Operating System C:\Windows\ehome\ehTray.exe
(verified) Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
(verified) mychat BisonHK C:\Program Files (x86)\BisonCam\BisonHK.exe
(verified) Pando Media Booster C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(verified) PowerDVD C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(verified) Realtek Voice Manager C:\Program Files\Realtek\Audio\HDA\Skytel.exe
(verified) Skype C:\Program Files (x86)\Skype\Phone\Skype.exe
(verified) SM56 Helper Win32 Utility C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(verified) StartMen Application C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
(verified) Steam C:\Program Files (x86)\Steam\Steam.exe
(verified) Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(verified) Windows Live Messenger C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Browser plugins
---------------
(unsigned) ESN Launch Mozilla Plugin C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
(unsigned) Java(TM) Platform SE 6 U26 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

(verified) AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
(verified) Adobe® Flash® Player ActiveX C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
(verified) Bing Bar c:\program files (x86)\msn toolbar\platform\5.0.1449.0\npwinext.dll
(verified) BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
(verified) DivX Plus Web Player HTML5 C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
(verified) DivX VOD Helper Plug-in C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
(verified) DivX Web Player C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
(verified) ESN Sonar API C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
(verified) Java(TM) Platform SE 6 U26 C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
(verified) Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
(verified) Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
(verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
(verified) Norton Confidential C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\coIEPlg.dll
(verified) NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
(verified) NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
(verified) Pando Web Plugin C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
(verified) Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
(verified) Symantec Intrusion Detection C:\Program Files (x86)\Norton 360 Premier Edition\Engine\5.1.0.29\IPS\IPSBHO.DLL
(verified) System Requirements Lab C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll
(verified) Windows® Internet Explorer c:\windows\syswow64\ieframe.dll
(verified) Yahoo Application State Plugin C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

Scan
----

No file uploaded.

Scan finished - communication took 1 sec
Total traffic - 0.00 MB sent, 0.04 KB recvd
Scanned 555 files and modules - 1 second

==============================================================================



LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23
Reviews:
·Comcast

reply to maspien
Your logs are clean. From your description, it sounds more like a software issue and malware.

Pando Networks media booster is one likely candidate since it involves background processing.

If you are behind a router, check your logs after a slowdown to see if you can spot high network activity.

Also, if you can, check the Task Manager during a slowdown to try and pinpoint programs that may be the cause.

To be safe I want to check for Rootkits, but I expect the result to be negative.

Download and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found.

You will find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


maspien


Here is the info. Also I do note that svchost.exe takes up a lot of memory. Something between 100k 400 to 500 at extremes. But usually around 100 to 250k. In addition to a ton of them running. But only one high.

Area: Windows registry
Description: Hidden registry value
Location: \HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SharedDefs\APP_ID_SCANNER6
Removable: No
Notes: (type 1, length 220) "C : \ P r o g r a m D a t a \ N o r t o n \ { 0 C 5 5 C 0 9 6 - 0 F 1 D " ... "0 0 2 "

Area: Local hard drives
Description: Unknown hidden file
Location: C:\ProgramData\Norton\00000082\0000011f\000005b8\cltLMS1.dat
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)

Area: Local hard drives
Description: Unknown hidden file
Location: C:\ProgramData\Norton\00000082\0000011f\000005b8\cltLMS2.dat
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)

Area: Local hard drives
Description: Unknown hidden file
Location: C:\Users\Joshua Dunn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZXJ1JCMZ\204645664_1319572381,123605157d89f16,cesoanti,ax.40-ns.moosappl_l;;ppos=atf;kw=;tile=2;sz=300x250,300x600;net=ns;cmw=owl;contx=cesoanti;an=40;dc=d;btg=ns[1].js
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)

Area: Local hard drives
Description: Unknown hidden file
Location: C:\Windows\System32\drivers\en-US\msdsm.sys.mui
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)



LoPhatPhuud

reply to maspien
The Sophos log is ok.

One thing to check, Norton 360, if I remember correctly, includes what they call an optimizer function. Basically a disk defragmenter. That can give you the issues you see if it engages.

I run NIS2012 but have the optimizer function turned off. I prefer to use a separate program.

Svchost.exe is used by a lot of services and you need to look further to find more specifics about the process involved.

Process Explorer is a good program for this:
»technet.microsoft.com/en-us/sysi···653.aspx
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum



LoPhatPhuud

reply to maspien
There is nothing more that can be done in this forum. Your computer appears clean of malware that would cause your problems.

Your best choice would be to post in the appropriate Microsoft Answers forum. Link them to this thread so they see the logs.
»answers.microsoft.com/en-us

Time to clean up....

Cleaning Up:

Delete TFC:

  • Delete the TFC icon on your Desktop

Delete OTL:
  • Double click the OTL icon on your Desktop
  • Press the 'Cleanup' button

Delete Security Check:
  • Delete the SecurityCheck icon on your Desktop

Delete Malware Bytes:
  • We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program however the real time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.

Other Programs:
  • If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.


Use Add/Remove Programs to uninstall Sophos AntiRootkit.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

maspien


All right, thanks for the info. I will continue to look into what you said.

