Messages - zzzim

1
Tech Clinic / Computer Hang All of a suddent
« on: January 14, 2012, 02:57:24 AM »
OK. Thanks for the recommendation, I will consider it.

So far so good. Thanks a lot! =D

2
Tech Clinic / Computer Hang All of a suddent
« on: January 13, 2012, 11:31:33 PM »
I think I will just stick with the current version

=)

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A57CDFD3-A6CA-35CC-F001-C57C13EA7093}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A57CDFD3-A6CA-35CC-F001-C57C13EA7093}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File  not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\User\Desktop\cmd.bat deleted successfully.
C:\Users\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: User
->Flash cache emptied: 2848 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: User
->Temp folder emptied: 5474198 bytes
->Temporary Internet Files folder emptied: 516170 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 10455146 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 50310723 bytes
RecycleBin emptied: 58539 bytes
 
Total Files Cleaned = 64.00 mb
 
 
OTL by OldTimer - Version 3.2.26.1 log created on 01142012_122312

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

3
Tech Clinic / Computer Hang All of a suddent
« on: January 12, 2012, 09:02:15 AM »
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.12.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
User :: USER-PC [administrator]

Protection: Disabled

12/1/2012 9:39:46 PM
mbam-log-2012-01-12 (21-39-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 189861
Time elapsed: 10 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 24
HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (Adware.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{11CC93E4-0BE6-4f8f-82AA-D577FB955B05} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\TypeLib\{F9BC0421-BB5C-447d-8547-BB45AFA80A4D} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\Interface\{4D89001B-5B5B-4E76-A1F5-638E49DB7A58} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.JsObject.1 (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.JsObject (Adware.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D02E3AB9-7796-40cb-BDFC-20D834FE1F75} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker.1 (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{FBEDBA6C-44A2-43b9-BD49-20EB6E0C4E86} (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.SnavHttpProtocol.1 (Adware.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.SnavHttpProtocol (Adware.Funshion) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7F05EE4-0426-454F-8013-C41E3596E9E9} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46} (Adware.BDSearch) -> Quarantined and deleted successfully.
HKCR\thunder (Trojan.Agent) -> Delete on reboot.
HKLM\SOFTWARE\Baidu (Trojan.Cinmus) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data: eÏ€µQáÃI·?p±?ÊŽ† -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data:  -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\启动 Internet Explorer 浏览器.lnk (Hijack.Trace) -> Quarantined and deleted successfully.
C:\Users\User\Favorites\淘宝网 - 淘！我喜欢.url (Malware.Trace) -> Quarantined and deleted successfully.

(end)


OTL logfile created on: 12/1/2012 9:55:47 PM - Run 4
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.80% Memory free
5.93 Gb Paging File | 4.82 Gb Available in Paging File | 81.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 120.34 Gb Free Space | 41.93% Space Free | Partition Type: NTFS
Drive F: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/11/29 18:34:16 | 000,194,160 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Xmp\Program\XMP.exe
PRC - [2011/08/18 08:22:38 | 024,182,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/10/03 02:28:09 | 002,969,600 | ---- | M] (ANSYS, Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
PRC - [2009/10/03 02:28:08 | 001,290,240 | ---- | M] () -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 09:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/21 05:29:24 | 001,703,936 | ---- | M] (ANSYS, Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe
PRC - [2009/05/21 05:29:24 | 001,462,024 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/03/12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/12/15 10:03:35 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/10/14 15:32:40 | 000,087,728 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Common Files\Thunder Network\ServicePlatform\XLSP.dll -- (XLServicePlatform)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/10/03 02:28:09 | 002,969,600 | ---- | M] (ANSYS, Inc.) [Auto | Running] -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe -- (ANSYS, Inc. License Manager)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrl: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrl.3.1.0.1.(489).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/12 20:13:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
[2010/12/13 20:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (迅雷FLV视频嗅探及下载支持) - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll (ShenZhen Xunlei Networking Technologies,LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} -  File not found
O2 - BHO: (迅雷下载支持) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.3.3254.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (A57CDFD3-A6CA-35CC-F001-C57C13EA7093 Class) - {A57CDFD3-A6CA-35CC-F001-C57C13EA7093} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE (PPLive Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [XMP] c:\program files\thunder network\xmp\program\XMP.exe (深圳市迅雷网络技术有限公司)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: OldEnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &使用&迅雷离线下载 - C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm ()
O8 - Extra context menu item: &使用&迅雷下载 - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: &使用&迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\program\XmpIEMenu.htm ()
O9 - Extra Button: 查看网页全部图片 - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : 查看网页全部图片 - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/01/29 04:00:27 | 000,000,088 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2010/01/22 08:13:40 | 003,330,848 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/12 21:59:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0069C927-F766-47AC-A203-63B6FD58421C}
[2012/01/12 21:59:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D7760EEB-E2FF-475F-8383-B11FE8004B9E}
[2012/01/12 21:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/12 21:34:15 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/12 21:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/12 21:01:53 | 010,847,608 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/12 20:53:00 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\TFC.exe
[2012/01/12 20:35:45 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/01/12 09:34:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{344D042B-5661-49E2-9015-88A7A3E3BA13}
[2012/01/12 09:34:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A9D4F-EBB8-4022-BAF2-E9E1DC4ECD12}
[2012/01/11 21:34:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5880A93D-BF72-4910-A951-C92A875F1259}
[2012/01/11 21:33:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6BD5C460-709A-40A7-A21D-1A5196D42E0F}
[2012/01/11 09:33:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3FBF76E8-4770-417C-98EA-603D73CE05E0}
[2012/01/11 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DEF81166-C5D6-4CED-A592-1FE749AE9B30}
[2012/01/10 21:32:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1B9936C3-1112-4884-ADEE-381B02FAD770}
[2012/01/10 21:32:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{039B2D85-BB68-4E94-B64A-3C910C26C516}
[2012/01/10 09:32:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F034060F-07FC-4475-93EC-AD49A1A61C88}
[2012/01/10 09:31:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D0F307B7-3D8E-411E-A8EF-4CD9D6D17A62}
[2012/01/09 21:55:56 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Time Table
[2012/01/09 21:31:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04D10EF8-175B-481A-9736-10B0F7934D2F}
[2012/01/09 21:31:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9C863E6B-4B59-47D1-BF3E-4ACA8E8EC8A9}
[2012/01/09 09:30:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC989E70-F6C1-4EE0-BA8B-2FAF4D637E44}
[2012/01/09 09:30:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{87AD55F4-3E03-43A8-9454-0A82C7808182}
[2012/01/08 21:30:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{014530B8-1CD4-4B3D-9F67-C07D834FB9D2}
[2012/01/08 09:29:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C90D7D97-B6AF-4987-8D8B-93B98C56A116}
[2012/01/08 09:29:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{14C9865F-B17D-4D01-84C1-A7031B0D88D3}
[2012/01/07 21:28:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79BC198B-B6C6-4E90-B47C-ABAFADF05ADA}
[2012/01/07 21:28:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B44BFCAB-505D-42FE-8A01-72C371280987}
[2012/01/07 09:28:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FA0AA5DF-A49C-4008-B8DF-02EC7443C6BB}
[2012/01/07 09:27:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E67506AF-DA73-4602-BEA0-F8058FDC922E}
[2012/01/06 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43AEBB6D-FABF-4441-B4FB-3463F1982489}
[2012/01/06 19:56:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BE2258ED-9847-425E-8E66-668C0555D409}
[2012/01/06 07:55:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A55CD12D-FA73-4C50-B9B2-CA26EBB9DC29}
[2012/01/06 07:55:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{24ECC6AE-755D-4DD6-98D9-5465253D92A5}
[2012/01/06 01:31:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{178D2777-3623-4F3B-9500-09B35FA32114}
[2012/01/05 12:16:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91A15CD3-2068-4139-B02A-57CF07AE10E1}
[2012/01/05 12:15:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1CA4B3EF-ECBE-46D3-961C-6E005FB02B17}
[2012/01/04 23:11:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B16D1911-65B5-46AE-A045-73319A4CF264}
[2012/01/04 23:11:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4AAA10F4-307E-447F-BCE3-CA0DC30FE70E}
[2012/01/04 11:11:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA68780E-9DC9-4B4D-80BF-0FB051B54082}
[2012/01/04 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6E9DCBE0-26BC-4EB9-AA28-D2FED68C1202}
[2012/01/03 23:10:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DAD5581D-44F7-4017-8231-30FF58188E2C}
[2012/01/03 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04EBD48A-BA35-4373-BC01-A3CD721211DB}
[2012/01/03 11:09:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{011D4F10-D290-4AAA-8AA4-6A4631FAA7B1}
[2012/01/03 11:09:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7B5AA534-F9F3-475C-812C-E07B612A5855}
[2012/01/02 23:08:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C3467F92-AE05-4E14-BAA3-02B4BC5BA50E}
[2012/01/02 23:08:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A7D75564-B7ED-466D-8173-A378EE7CF6B6}
[2012/01/02 11:08:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{ECE3F714-5D45-4507-8084-F70E991076C3}
[2012/01/02 11:08:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B818D0E1-6095-469A-BD9C-C02F4AF1B540}
[2012/01/01 21:59:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C365B506-6A61-431C-815D-B931684E850E}
[2012/01/01 21:59:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{562A07E0-D05B-4E31-B1B7-E4A2F71FA558}
[2012/01/01 09:59:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B253834D-7F90-44EB-B21A-2E67B5779F56}
[2012/01/01 09:58:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{02BD3376-21FA-4DD5-9535-30612C0EBD3E}
[2011/12/31 21:55:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CB2D0C1F-2B8F-4A03-8883-140435B3E47C}
[2011/12/31 21:55:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5CDE5497-51C9-40FA-B700-D4B29B9E956B}
[2011/12/31 09:55:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{62C51678-9ADF-455B-A475-4959E066B554}
[2011/12/31 09:55:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{90ED7CCE-9663-4CDD-9776-57E82E365BFD}
[2011/12/30 14:17:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D14A8FDE-5184-41D2-87AE-32B8DBC33130}
[2011/12/30 14:16:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8EE077EA-25EE-4C4C-9EB9-F7F793DF1A93}
[2011/12/30 02:16:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{75A7EF83-BD22-4567-8857-E72351B56CA2}
[2011/12/30 02:16:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{51F78886-E2C4-4525-B7D0-09176106B7E4}
[2011/12/29 20:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/12/29 20:20:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVS4YOU
[2011/12/29 20:17:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/12/29 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/12/29 20:16:04 | 011,137,024 | ---- | C] (Intel Corporation) -- C:\Windows\System32\libmfxsw32.dll
[2011/12/29 20:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/12/29 20:15:13 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
[2011/12/29 20:15:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011/12/29 20:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/12/29 12:54:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DB68AF7C-BE38-4A9A-B90F-B122285170AF}
[2011/12/29 12:54:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F602FCE5-79A2-407E-AE08-9D024949C640}
[2011/12/29 01:00:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\anshelp
[2011/12/29 00:53:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E6C2EEAA-E079-4240-8830-AEFBE8174BA3}
[2011/12/29 00:53:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AFFDBEBB-5D2B-4FA3-B81B-FF2934106957}
[2011/12/28 23:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ANSYSInstall
[2011/12/28 23:03:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Ansys
[2011/12/28 23:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1
[2011/12/28 22:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2011/12/28 22:23:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANSYS, Inc. License Manager
[2011/12/28 22:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\ANSYS Inc
[2011/12/28 22:22:24 | 000,000,000 | ---D | C] -- C:\ANSYS Inc
[2011/12/28 12:53:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A8B067C8-BE24-4F99-BE9C-B6B3E1E97538}
[2011/12/28 12:52:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A529AC08-C690-4057-BA37-33C1BFBAAB0D}
[2011/12/28 00:52:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A3EB0B3F-099B-4F76-B410-1D2127E3339D}
[2011/12/28 00:51:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5E96A52F-F63F-4F7A-8D16-325A799916B6}
[2011/12/27 08:27:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{42588F23-5A7C-4424-84B8-4A48D5F5D7E5}
[2011/12/27 08:26:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EB0426A8-866E-4F05-B3C1-3F9B8703CEB1}
[2011/12/26 13:56:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{89028489-E87C-47E9-AF9C-92AF81C5731E}
[2011/12/26 13:56:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{766DA921-7962-4003-B812-9B260C9FB20D}
[2011/12/26 01:55:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{159AD3CC-9393-4740-802C-473AD0DB87A3}
[2011/12/26 01:55:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A397AC52-403A-40D1-9473-A9C19829D5A4}
[2011/12/25 13:55:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{077E699F-F636-412F-AFA4-81272ED2AF20}
[2011/12/25 13:55:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EDD91ED8-1F0A-4618-A968-6C0AECD7C916}
[2011/12/25 01:54:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5DDEBA33-D82B-4813-A498-826CEB4ED15A}
[2011/12/25 01:54:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{678EBE5E-F8E6-44CF-B62E-E1FD09F0EE8C}
[2011/12/24 11:27:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4EC8D359-2EEE-4094-B004-A0D8F6773DF8}
[2011/12/24 11:27:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7DA65B13-22D4-4516-9683-E71C321DFAEA}
[2011/12/24 01:48:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011/12/24 01:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2011/12/24 01:48:23 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\VirtualDJ
[2011/12/23 23:26:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{93A94263-1730-4149-872A-E628D40CC125}
[2011/12/23 23:26:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{412DC794-ADAC-44DA-AFE0-59E10904B72E}
[2011/12/23 08:40:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{16DFA543-A8BC-49FB-B56E-A1D81F9AA0A3}
[2011/12/23 08:40:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{858B1400-30D0-49D1-B9BA-DEE7E9DC5D04}
[2011/12/22 20:37:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FD4E8E2F-6C7D-4475-BFED-427BB376CF29}
[2011/12/22 20:37:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{10E24754-64B2-474E-BDC8-10BE070A2CCB}
[2011/12/22 08:36:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{266337B3-A7DF-45B1-BC17-98080F170A23}
[2011/12/22 08:36:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D2AB6647-6B7F-4081-87C3-05202AB96A59}
[2011/12/21 20:36:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E8B5F8EE-08C5-40CD-9677-658C37DC6FAB}
[2011/12/21 20:35:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8957A9EB-B1A3-4198-B3C4-61EFF8291B26}
[2011/12/21 13:46:24 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\My EndNote Library.Data
[2011/12/21 10:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Risxtd
[2011/12/21 10:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ResearchSoft
[2011/12/21 10:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
[2011/12/21 10:42:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EndNote
[2011/12/21 10:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\EndNote X5
[2011/12/21 10:36:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\EndNote
[2011/12/21 10:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Thomson.ResearchSoft.Installers
[2011/12/21 08:35:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B048C6F4-5A13-449B-9293-7F1B88BA6A2B}
[2011/12/21 08:34:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E9CD8023-30EE-4D56-97CF-13AA2E4B1A00}
[2011/12/20 18:43:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{67E62248-9F9A-4C51-9141-CADAD2BCCF7C}
[2011/12/20 18:43:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{42C99853-8D6E-4DE9-B51A-00B337259CF4}
[2011/12/20 00:40:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4B685733-1011-4EEA-9B8E-3E071F0F00F1}
[2011/12/20 00:40:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{99D4C316-5135-41DA-9739-00C30BC811C2}
[2011/12/19 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{19F5E4E4-98A5-47D1-BA9A-76EF5685715B}
[2011/12/19 12:40:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3F838259-1864-42EF-9E80-E8A38B30732F}
[2011/12/19 00:39:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D1C564E3-4656-488D-A959-B32771F614BD}
[2011/12/19 00:39:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9F05C88F-57A4-4CB9-97C0-BB182E3B98BD}
[2011/12/18 12:39:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{19678C42-B2FC-4319-AD14-9304BB4A2243}
[2011/12/18 12:38:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3B234D1C-E599-454B-952A-1B73AB35E86E}
[2011/12/18 00:38:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FEF12182-277D-4B3C-88A6-58EB42441A17}
[2011/12/18 00:38:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{87BD89C9-4EAC-406C-BCA6-EBDD6E27F158}
[2011/12/17 12:37:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{27BC5CB5-1297-4DD5-ADF9-2532372AD56E}
[2011/12/17 12:37:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E3855965-8D6E-4232-8539-4C2EAC939F35}
[2011/12/17 00:36:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{909BF084-5114-4917-85ED-1BEB57024864}
[2011/12/17 00:36:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{87637081-B90A-4366-8BE1-23C0BB9878F8}
[2011/12/16 12:36:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{08F2344E-6002-4171-92E5-0F169D95AF3B}
[2011/12/16 12:36:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A4FBF35E-3577-41B9-B633-2B7B0A0F571A}
[2011/12/16 00:35:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8692E21A-C214-41A2-AB62-08D87A2F28ED}
[2011/12/16 00:35:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{417F3E7C-CB9A-4EFF-9608-CD69BD6F20D4}
[2011/12/15 12:35:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AC6C4359-8B84-4BF0-A399-F62E4414B6D2}
[2011/12/15 12:34:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FED91FDC-3759-4179-AC52-45197E64AE00}
[2011/12/15 00:34:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2D358CBF-7D6A-4FD6-8062-82BC19E30175}
[2011/12/15 00:34:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A37BDD45-E547-4754-B2FD-F6E66469A94D}
[2011/12/14 12:33:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B1AC74C3-BDF6-44A7-97F4-153A6A475B63}
[2011/12/14 12:33:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8C86ABBA-09FB-40DB-8263-EB5D077DFF5E}
[2011/12/14 00:33:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{23E4C2E3-429F-427C-9E41-385B85B311E3}
[2011/12/14 00:33:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CD38CDE8-B060-4F54-88FC-03C1CAAB42C1}
[2011/03/17 09:09:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/03/17 09:09:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/03/17 09:09:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/03/17 09:09:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/03/17 09:09:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/03/17 09:09:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/03/17 09:09:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/03/17 09:09:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/03/17 09:09:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/03/17 09:09:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011/03/17 09:09:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/03/17 09:09:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/03/17 09:09:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/12 21:57:23 | 006,329,208 | ---- | M] () -- C:\Users\User\Desktop\Wonder Girls - The DJ Is Mine (320kbps) [www.k2nblog.com].rar.crdownload
[2012/01/12 21:54:16 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/12 21:54:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/12 21:53:53 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/12 21:49:48 | 000,000,025 | ---- | M] () -- C:\Users\User\AppData\Roaming\CoreAVC.ini
[2012/01/12 21:49:28 | 000,137,728 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/12 21:37:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/12 21:34:17 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 21:32:43 | 000,721,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/12 21:32:43 | 000,145,776 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/12 21:32:24 | 010,847,608 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/12 21:07:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2012/01/12 20:53:22 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\TFC.exe
[2012/01/12 20:17:44 | 000,006,768 | ---- | M] () -- C:\bootsqm.dat
[2012/01/12 19:39:05 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2012/01/11 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2012/01/10 23:00:36 | 005,134,295 | ---- | M] () -- C:\Users\User\Desktop\Kim Dong Ryul- Like a Child (Ft Alex).mp3
[2012/01/10 21:39:38 | 001,408,423 | ---- | M] () -- C:\Users\User\Desktop\scan0002.pdf
[2012/01/10 16:49:20 | 000,002,969 | ---- | M] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2012/01/08 23:05:57 | 002,007,556 | ---- | M] () -- C:\Users\User\Desktop\Keihin_Carb_ Manual.pdf
[2012/01/08 23:01:21 | 001,257,462 | ---- | M] () -- C:\Users\User\Desktop\vmmanual.pdf
[2012/01/08 14:31:51 | 000,870,578 | ---- | M] () -- C:\Users\User\Desktop\p81a.pdf
[2012/01/08 14:31:22 | 000,960,962 | ---- | M] () -- C:\Users\User\Desktop\p61a.pdf
[2012/01/08 14:29:59 | 000,627,811 | ---- | M] () -- C:\Users\User\Desktop\p39a.pdf
[2012/01/08 09:30:36 | 000,038,520 | ---- | M] () -- C:\Users\User\Desktop\Presentation EME3056.zip
[2012/01/08 02:41:15 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 02:41:15 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/07 10:08:33 | 000,002,403 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2012/01/04 19:12:43 | 001,327,922 | ---- | M] () -- C:\Users\User\Desktop\cmme tut with ht note.zip
[2011/12/30 07:07:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/12/30 02:06:14 | 000,544,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/29 20:17:12 | 000,001,170 | ---- | M] () -- C:\Users\User\Desktop\AVS Video Editor.lnk
[2011/12/28 22:32:55 | 000,000,285 | ---- | M] () -- C:\Users\User\Documents\LICSERVER.INFO
[2011/12/24 01:48:33 | 000,001,015 | ---- | M] () -- C:\Users\User\Deskt

4
Tech Clinic / Computer Hang All of a suddent
« on: January 11, 2012, 10:04:49 PM »
OTL Extras logfile created on: 12/1/2012 10:58:17 AM - Run 3
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 54.79% Memory free
5.93 Gb Paging File | 4.53 Gb Available in Paging File | 76.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 115.80 Gb Free Space | 40.35% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uusee\UUSeePlayer.exe" = C:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{08233ADA-AA4C-A977-58FD-DB6C684BE010}" = Catalyst Control Center Localization Norwegian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B4C7D42-323A-F3FD-5B18-0222082E6FDD}" = Catalyst Control Center Localization Dutch
"{0D348034-9CBE-19FC-19B0-B2CDC78E50F1}" = ccc-core-static
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{10B35323-BE1A-61FB-C4D1-E88F24147617}" = Catalyst Control Center Localization Thai
"{11FC2772-F7FD-21FD-614F-CE58BF52C398}" = Catalyst Control Center Localization Chinese Standard
"{12911298-DDB4-AD44-E530-AEB8127503C9}" = CCC Help Italian
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{156E98D0-1AEC-4013-A41A-94A1A01BFD68}" = O2Micro Flash Memory Card Reader Driver (x86)
"{1714616C-61CE-44D5-AF0B-53404D7FA83A}" = Catalyst Control Center Localization Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18625A47-84A9-6F6C-3780-79221B6095C3}" = CCC Help Norwegian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3F57C7-8474-DF38-8F9F-0EBFB554FD56}" = Catalyst Control Center Localization Hungarian
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{264324EA-35F7-AD77-CC96-F9F47A9A6284}" = Catalyst Control Center Localization Czech
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A6F930B-12DA-AD4F-C4A4-E008F73A8016}" = CCC Help English
"{2AEC1EC0-0C01-8831-B04F-41FB4A92B677}" = Catalyst Control Center Localization Spanish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31326B80-1D01-4DBA-1DCA-A0731182A2E6}" = CCC Help Korean
"{31DD9FF4-23CD-7898-0305-70D806E2F7DB}" = CCC Help Japanese
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AC44A1-81C2-0A61-0EC0-59EFC503A1EA}" = Catalyst Control Center Localization Danish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{374E3A6E-A243-461D-BC0F-8B183A9950C5}" = FET@51
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DFE65B6-3AC9-C44A-1160-A449E0DFFE94}" = CCC Help Greek
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{405AE172-0CE0-E2A1-1693-1B120B71AF32}" = Catalyst Control Center Localization Japanese
"{41773726-92D0-4265-A0F8-DD980CA1AEC4}" = Toshiba Upgrade Assistant for Microsoft Windows 7
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{41EEF558-3585-4020-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client)
"{41EEF558-3585-4028-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client) English Language Pack
"{43FFE159-3199-4188-A1CD-629166AD1033}" = Nero 7 Ultra Edition
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC3B285-BE6C-E873-42A1-AE221B3BE4F2}" = CCC Help Hungarian
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54CAB637-25EA-33FE-2FF4-6F6182BCCF12}" = CCC Help Chinese Standard
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{567AE922-FB8D-943D-921E-B390A2FBD625}" = CCC Help Russian
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-9005-0409-0002-0060B0CE6BBA}" = AutoCAD Mechanical 2011
"{5783F2D7-9005-0409-1002-0060B0CE6BBA}" = AutoCAD Mechanical 2011 Language Pack - English
"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011
"{5788504C-08BC-E414-C019-60D8E2A2A1EB}" = CCC Help Portuguese
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6864ABC3-A982-436B-BEF1-5652D6303361}" = ESET NOD32 Antivirus
"{69E5255D-9D43-4CFF-8984-843ABD7753B7}" = Catalyst Control Center - Branding
"{6BCE01B8-333E-667E-0FC9-5070EA9B8108}" = Catalyst Control Center Localization Swedish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{6EA4F33E-8F12-AB92-D497-2D454E3C4BB7}" = CCC Help Polish
"{6FB6D968-6E8D-3FCB-1F2D-7ED24FC1BA07}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71F89FF7-C913-4A99-B4D9-C05BAA20790B}" = Autodesk Inventor Content Center Libraries 2011 (Desktop Content)
"{7206AFB8-99ED-B788-3DE8-0AE3DBD97B24}" = Catalyst Control Center Localization French
"{732662AE-82C0-9184-CE57-4257695EE1CE}" = CCC Help German
"{754F90E7-DE41-0ADE-2E3F-2C269ED9C2EE}" = CCC Help Finnish
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B12F319-43E1-D2DD-ABFE-50E34F76A740}" = Catalyst Control Center Graphics Full New
"{7CD8E2EF-AD40-7BD3-13E5-2B2847E568DD}" = ATI Catalyst Install Manager
"{7E340EDB-9BF0-5CF2-C12D-7C31992070E3}" = CCC Help Turkish
"{7F4DD591-1532-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2011
"{7F4DD591-1532-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2011 English Language Pack
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}" = EndNote X5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF16DB8-2845-88FE-BDC2-EEF067F9B1EC}" = Catalyst Control Center Graphics Full Existing
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9E166691-B3ED-0F76-1FE9-AB3DBAAD75DD}" = CCC Help French
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A2075A09-28AA-4D30-9BCC-82EAD9FA51BD}" = TrueSuite Access Manager
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AED994C5-E6CE-0377-09ED-C4000E4189BF}" = Catalyst Control Center Core Implementation
"{AF899B9E-5842-8839-3EDB-AF9EADF52F45}" = ccc-utility
"{B245D989-F88A-C2C3-1958-A91254DEC387}" = Catalyst Control Center Graphics Light
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3D15F34-F377-26A0-4CCF-2CB47E5810CD}" = CCC Help Dutch
"{B5359AD5-4950-174E-4070-CDB1881B161F}" = CCC Help Czech
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{C07CA803-141E-A7C3-13E0-AB99FC5DC7B4}" = Catalyst Control Center Localization Polish
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7838AAD-8B29-86D3-6E04-417C7B7EE628}" = Catalyst Control Center Localization Greek
"{C8585E46-A5C9-8E20-77CA-378D5C291B09}" = Catalyst Control Center Localization Finnish
"{C92C2F87-1E84-A9E5-81F3-3B93DC991A4E}" = Catalyst Control Center Localization Chinese Traditional
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB01DA5C-48B7-D9A6-22DE-D678D6007C56}" = Catalyst Control Center Localization German
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D05EB4EF-29BE-8031-9AF5-2DC9485D5870}" = Catalyst Control Center Localization Russian
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7F069BF-7A9F-6A09-D5AE-E77F8B2E892F}" = CCC Help Danish
"{DDC519DE-AC45-634C-C009-6FCE1EF313F3}" = Catalyst Control Center Localization Portuguese
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E071691D-20E6-4C2B-9A04-FE41C0FDC367}" = Adobe Photoshop Lightroom 3.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{ED3C1C9D-0496-6884-8B32-8A2B73219C20}" = Catalyst Control Center Localization Italian
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0A85260-5B90-4C0E-07FF-72A89AA18F77}" = Skins
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F24E1A94-76DD-85BD-5B6C-6701CC4E8A0F}" = CCC Help Chinese Traditional
"{F4614173-1F8B-A19A-C2CC-57834FBCCE6C}" = CCC Help Spanish
"{F89CF986-3AA7-8B20-390A-D5C09F27F85D}" = Catalyst Control Center Localization Turkish
"{F8F37F88-4CB6-9162-AE65-7BBA7E476547}" = Catalyst Control Center Graphics Previews Vista
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FFF7CB0F-FA65-7115-2CEC-16C21037C88E}" = CCC Help Thai
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"AutoCAD Mechanical 2011" = AutoCAD Mechanical 2011
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Inventor Professional 2011" = Autodesk Inventor Professional 2011 English
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"CncSimulator_5.3b" = CncSimulator 4.52f
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"DivX Setup" = DivX Setup
"DWG TrueView 2011" = DWG TrueView 2011
"facemoods" = facemoods
"FinePrint" = FinePrint
"flip.exe" = Flip 3.4.2
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"InstallShield_{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Lexmark 2400 Series" = Lexmark 2400 Series
"MatlabR2010a" = MATLAB R2010a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PPLive" = PPTV V2.7.3.0009
"PROHYBRIDR" = 2007 Microsoft Office system
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"thunder_is1" = 迅雷7
"TTPlayer" = 千千静听 5.7正式版
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"迅雷看看播放器" = 迅雷看看播放器
"迅雷看看高清播放组件" = 迅雷看看高清播放组件
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Notepad App" = Notepad App
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >



OTL logfile created on: 12/1/2012 10:58:17 AM - Run 3
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 54.79% Memory free
5.93 Gb Paging File | 4.53 Gb Available in Paging File | 76.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 115.80 Gb Free Space | 40.35% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/11/29 18:34:16 | 000,194,160 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Xmp\Program\XMP.exe
PRC - [2011/08/18 08:22:38 | 024,182,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/10/03 02:28:09 | 002,969,600 | ---- | M] (ANSYS, Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
PRC - [2009/10/03 02:28:08 | 001,290,240 | ---- | M] () -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 09:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/21 05:29:24 | 001,703,936 | ---- | M] (ANSYS, Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe
PRC - [2009/05/21 05:29:24 | 001,462,024 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/03/12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/12/15 10:03:35 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/10/14 15:32:40 | 000,087,728 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Common Files\Thunder Network\ServicePlatform\XLSP.dll -- (XLServicePlatform)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/10/03 02:28:09 | 002,969,600 | ---- | M] (ANSYS, Inc.) [Auto | Running] -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe -- (ANSYS, Inc. License Manager)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrl: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrl.3.1.0.1.(489).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\User\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/12 20:13:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
[2010/12/13 20:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ѸÀ×FLVÊÓÆµÐá̽¼°ÏÂÔØÖ§³Ö) - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll (ShenZhen Xunlei Networking Technologies,LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} -  File not found
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.3.3254.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (A57CDFD3-A6CA-35CC-F001-C57C13EA7093 Class) - {A57CDFD3-A6CA-35CC-F001-C57C13EA7093} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)]  File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE (PPLive Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [XMP] c:\program files\thunder network\xmp\program\XMP.exe (深圳市迅雷网络技术有限公司)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: OldEnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÀëÏßÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm ()
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: 使用迅雷看看播放器播放 - C:\Users\Public\Thunder Network\XMP4\Core\program\XmpIEMenu.htm ()
O9 - Extra Button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\Thunder Network\NetMon\net_monitor1.0.2.25.dll (Thunder Networking Technologies,LTD)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/12 09:34:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{344D042B-5661-49E2-9015-88A7A3E3BA13}
[2012/01/12 09:34:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A9D4F-EBB8-4022-BAF2-E9E1DC4ECD12}
[2012/01/11 21:34:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5880A93D-BF72-4910-A951-C92A875F1259}
[2012/01/11 21:33:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6BD5C460-709A-40A7-A21D-1A5196D42E0F}
[2012/01/11 09:33:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3FBF76E8-4770-417C-98EA-603D73CE05E0}
[2012/01/11 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DEF81166-C5D6-4CED-A592-1FE749AE9B30}
[2012/01/10 21:32:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1B9936C3-1112-4884-ADEE-381B02FAD770}
[2012/01/10 21:32:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{039B2D85-BB68-4E94-B64A-3C910C26C516}
[2012/01/10 09:32:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F034060F-07FC-4475-93EC-AD49A1A61C88}
[2012/01/10 09:31:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D0F307B7-3D8E-411E-A8EF-4CD9D6D17A62}
[2012/01/09 21:55:56 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Time Table
[2012/01/09 21:31:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04D10EF8-175B-481A-9736-10B0F7934D2F}
[2012/01/09 21:31:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9C863E6B-4B59-47D1-BF3E-4ACA8E8EC8A9}
[2012/01/09 09:30:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC989E70-F6C1-4EE0-BA8B-2FAF4D637E44}
[2012/01/09 09:30:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{87AD55F4-3E03-43A8-9454-0A82C7808182}
[2012/01/08 21:30:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{014530B8-1CD4-4B3D-9F67-C07D834FB9D2}
[2012/01/08 09:29:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C90D7D97-B6AF-4987-8D8B-93B98C56A116}
[2012/01/08 09:29:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{14C9865F-B17D-4D01-84C1-A7031B0D88D3}
[2012/01/07 21:28:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79BC198B-B6C6-4E90-B47C-ABAFADF05ADA}
[2012/01/07 21:28:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B44BFCAB-505D-42FE-8A01-72C371280987}
[2012/01/07 09:28:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FA0AA5DF-A49C-4008-B8DF-02EC7443C6BB}
[2012/01/07 09:27:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E67506AF-DA73-4602-BEA0-F8058FDC922E}
[2012/01/06 19:56:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43AEBB6D-FABF-4441-B4FB-3463F1982489}
[2012/01/06 19:56:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BE2258ED-9847-425E-8E66-668C0555D409}
[2012/01/06 07:55:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A55CD12D-FA73-4C50-B9B2-CA26EBB9DC29}
[2012/01/06 07:55:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{24ECC6AE-755D-4DD6-98D9-5465253D92A5}
[2012/01/06 01:31:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{178D2777-3623-4F3B-9500-09B35FA32114}
[2012/01/05 12:16:00 | 000,000,000 | ---D | C] -- C:\Users\User\App

5
Tech Clinic / Computer Hang All of a suddent
« on: January 10, 2012, 04:02:48 AM »
Hi there.

Today my computer hung all of a sudden and I restarted my computer again.
This whole process repeated 3 times.

Can you help me and have a look at the logfile that follows?

Thanks =)


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:58:00 PM, on 10/1/2012
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Thunder Network\Xmp\Program\XMP.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\User\Desktop\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: XlBrowserAddinBho.XlBrowserAddinBhoObject - {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files\Thunder Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (file missing)
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.3.3254.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: A57CDFD3-A6CA-35CC-F001-C57C13EA7093 Class - {A57CDFD3-A6CA-35CC-F001-C57C13EA7093} - C:\Program Files\StormII\{A57CDFD3-A6CA-35CC-F001-C57C13EA7093}\AddressBar.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FingerPrintNotifer] "C:\Program Files\TrueSuite Access Manager\FpNotifier.exe"
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PPAP] "C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE"  -background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [XMP] "c:\program files\thunder network\xmp\program\XMP.exe" /embedding /sstartfrom Startup
O4 - Startup: Dropbox.lnk = User\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÀëÏßÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: &ʹÓÃ&ѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra 'Tools' menuitem: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\thunder network\netmon\net_monitor1.0.2.25.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\thunder network\netmon\net_monitor1.0.2.25.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\thunder network\netmon\net_monitor1.0.2.25.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\thunder network\netmon\net_monitor1.0.2.25.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA2A7C06-0B16-40F4-8A8D-A55C9FC2FE40}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc. - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\Windows\system32\TAMSvr.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcr_device -   - C:\Windows\system32\lxcrcoms.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 13156 bytes

6
Tech Clinic / msn messenger
« on: July 19, 2011, 12:14:07 AM »
I have started using my MSN again and so far so good. No complaints from my friends.

OTL logfile created on: 19/7/2011 1:06:08 PM - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.47% Memory free
5.93 Gb Paging File | 4.06 Gb Available in Paging File | 68.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 49.04 Gb Free Space | 17.09% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/07/15 16:56:08 | 000,517,496 | ---- | M] (UUSEE) -- C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
PRC - [2010/12/21 18:51:40 | 000,946,480 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
PRC - [2010/12/21 18:51:20 | 000,157,488 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- c:\Program Files\Common Files\Thunder Network\TP\Ver1\1.1.2.46_1111\ThunderPlatform.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/30 09:27:39 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe -- (XLDoctor Services)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 18:51:38 | 000,008,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.4.2104_1\Program\tcphoc.sys -- (tcphoc)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKLM..\Run: [UUSeeMediaCenter] C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe (UUSEE)
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm ()
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra Button: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra 'Tools' menuitem : СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra Button: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O9 - Extra 'Tools' menuitem : Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/19 09:40:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DCEBBD9A-74E2-409B-99EA-12E321A5AFD2}
[2011/07/19 08:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/07/18 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A2E68B35-F78B-468E-A8EF-48A8313CD28F}
[2011/07/18 20:12:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2011/07/18 20:11:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/18 20:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/18 20:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/18 20:11:43 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/07/18 20:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/18 20:07:00 | 009,466,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011/07/18 19:58:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/17 20:18:52 | 000,000,000 | ---D | C] -- C:\FavoriteVideo
[2011/07/16 22:19:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{16030DCA-6C9C-4BBE-841E-BD05EE208014}
[2011/07/15 12:52:37 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/14 22:14:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04102DC3-B938-4A5C-B989-D32D43F64E8D}
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Trend Micro
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/14 11:20:04 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Law
[2011/07/14 09:59:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E82959BC-2872-41B8-9013-4429065CEABA}
[2011/07/13 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F2C00B8-1E51-44BD-86FC-EF1F02EDF528}
[2011/07/13 09:09:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B5DB8918-EA86-4647-A959-DCF098FA7BC4}
[2011/07/12 21:08:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{528B3375-EDEE-4747-A5D5-81B8E4D969F1}
[2011/07/12 09:08:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00D010EC-C2D6-4068-8796-6BD54EFD9A7D}
[2011/07/11 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79FF6CD7-BF7E-417F-B26A-20B49B9507C1}
[2011/07/11 09:07:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{25727E4C-4DE5-450E-B968-61E2255350F7}
[2011/07/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New folder
[2011/07/10 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43F9A9EC-DCC9-4EE5-A7D7-3F6D14389F9B}
[2011/07/09 23:08:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C37D2A23-5355-4B2B-BFAD-8A01F38EEFC7}
[2011/07/09 10:43:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C1D932B0-2005-4A55-846A-D117BDC732F6}
[2011/07/08 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Facebook
[2011/07/08 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{458C3C56-507A-477E-BC3B-CA38083F4A13}
[2011/07/08 08:01:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{561C9EA4-F2A4-4C0F-9EF7-1EE6D5BFEFD6}
[2011/07/07 19:56:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{321CCB63-3AE3-4398-8EA2-5F605BE383D7}
[2011/07/07 10:21:21 | 000,000,000 | R--D | C] -- C:\Users\User\Documents\Scanned Documents
[2011/07/07 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Fax
[2011/07/07 07:55:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CAACA370-812A-4F2F-AB96-D577802DFE56}
[2011/07/06 11:09:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD154FAE-88C5-4342-831E-8ED4B83C8AB5}
[2011/07/05 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{34389F44-EC3A-4D3B-B04D-C0E9756F9BD3}
[2011/07/05 10:15:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A88D5-A1D4-460F-BD1D-5E560A0C7CB5}
[2011/07/04 22:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3D0BEF60-2DAD-4E08-B473-7E2B8D67D7A2}
[2011/07/04 10:15:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C0116305-49C6-4534-BFF5-68B3F21CAC35}
[2011/07/03 22:04:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FF05CD1C-BBE9-4C36-9711-A146C831AC68}
[2011/07/02 17:52:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5FB1FFDD-499C-4BBA-987E-2FE2774AE286}
[2011/07/01 11:46:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{088F47F5-8BD0-4709-B229-3F9D33BB3D65}
[2011/06/30 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC810AED-C3E7-4546-ADEF-D8D9B07FD6F5}
[2011/06/30 09:15:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4122331A-FE66-45CE-90FE-5481D1F9A416}
[2011/06/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Samsung
[2011/06/29 21:15:08 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys
[2011/06/29 21:15:08 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys
[2011/06/29 21:15:08 | 000,114,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadserd.sys
[2011/06/29 21:15:08 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys
[2011/06/29 21:13:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2011/06/29 21:13:43 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2011/06/29 21:09:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2011/06/29 09:14:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A1128B04-7D38-4437-AD8F-D1D96324BD19}
[2011/06/28 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4FE80DCA-3E55-41EA-9DE9-86482F20F07D}
[2011/06/28 09:14:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72DD4C4C-A9F1-40F0-9407-4AF92AE3F22F}
[2011/06/27 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{927FC774-F2DA-411E-BF77-24E77884889A}
[2011/06/27 09:13:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{74643326-B01C-4067-A086-CB370DCCD5FA}
[2011/06/26 15:58:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{13C2DE01-265B-48B1-BC23-71D4F17418CF}
[2011/06/25 15:33:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4F7C8D03-A0BF-4B3C-90D9-C3EAD837014C}
[2011/06/25 01:04:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{54674965-D6B1-4B49-AD6B-0420F4439025}
[2011/06/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91BEBD01-527D-4878-B38E-244A71C2F60C}
[2011/06/23 21:15:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E45BE562-D9E0-451E-AD91-F7602C1C2FA7}
[2011/06/23 11:25:25 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/23 09:14:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{260E5311-50F6-4B00-9569-A7EAD59165E2}
[2011/06/22 21:14:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{787C0372-ED3A-4FF9-B7AD-6097F6E4EEE4}
[2011/06/22 09:13:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D3FEBD3A-D4C2-4A66-811C-D06D829BEED9}
[2011/06/21 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{08A546A2-161B-4D34-BAEC-A1D6E2121F70}
[2011/06/21 09:13:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B6838110-F542-421B-B6EE-80FBE71B5030}
[2011/06/20 20:42:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B11AD6AE-8398-4BA4-9C9A-62479C4F7DDA}
[2011/06/20 12:00:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{26E805D7-6EC2-4A6C-8658-15A4824BA907}
[2011/06/20 00:00:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47A34675-A7E0-47AE-9AA6-DF42E535095C}
[2011/06/19 13:11:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/03/17 09:09:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/03/17 09:09:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/03/17 09:09:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/03/17 09:09:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/03/17 09:09:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/03/17 09:09:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/03/17 09:09:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/03/17 09:09:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/03/17 09:09:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/03/17 09:09:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011/03/17 09:09:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/03/17 09:09:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/03/17 09:09:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/19 12:52:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/19 12:27:46 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/19 12:27:46 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/19 12:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/19 10:39:15 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/19 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/19 08:28:53 | 000,107,705 | ---- | M] () -- C:\Users\User\Desktop\A- Cylindrical and Spherical Coordinates.pdf
[2011/07/19 08:28:28 | 000,064,949 | ---- | M] () -- C:\Users\User\Desktop\Appendix of the Midterm Test.pdf
[2011/07/19 08:26:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/19 08:26:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/19 08:26:05 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/19 08:22:36 | 000,000,000 | ---- | M] () -- C:\Users\User\AppData\Local\{CD19F5DD-0ED7-4320-8952-27689F7A390D}
[2011/07/18 22:17:23 | 000,049,701 | ---- | M] () -- C:\Users\User\Desktop\Chapter 3 - Balancing_5 - selected examples.pdf
[2011/07/18 20:11:47 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/18 20:11:18 | 009,466,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011/07/18 19:52:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/18 19:48:48 | 000,063,258 | ---- | M] () -- C:\Users\User\Desktop\More Exact Solutions.pdf
[2011/07/18 12:38:59 | 001,018,443 | ---- | M] () -- C:\Users\User\Desktop\Tutorial-6-RC_WR.pdf
[2011/07/17 20:49:04 | 000,165,888 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/17 20:48:25 | 000,721,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/17 20:48:25 | 000,145,776 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/17 20:12:06 | 000,013,040 | ---- | M] () -- C:\Users\User\Desktop\Midterm list.pdf
[2011/07/16 22:56:48 | 000,008,511 | ---- | M] () -- C:\Users\User\Desktop\Outline of EME3026 Fluid Dynamics.pdf
[2011/07/16 07:58:58 | 000,214,016 | ---- | M] () -- C:\Users\User\Desktop\1407.Q16.1081100873.Eric Sim Chee Gee.ipt
[2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/15 08:53:10 | 000,002,234 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2011/07/15 08:53:10 | 000,002,111 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/14 11:53:39 | 000,002,969 | ---- | M] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/07/05 22:55:29 | 001,203,718 | ---- | M] () -- C:\Users\User\Desktop\IMG.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:41 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/19 19:25:43 | 000,542,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/19 15:52:02 | 000,001,520 | ---- | M] () -- C:\Users\User\Desktop\DiRT 3.lnk
 
========== Files Created - No Company Name ==========
 
[2011/07/19 08:28:55 | 000,107,705 | ---- | C] () -- C:\Users\User\Desktop\A- Cylindrical and Spherical Coordinates.pdf
[2011/07/19 08:28:31 | 000,064,949 | ---- | C] () -- C:\Users\User\Desktop\Appendix of the Midterm Test.pdf
[2011/07/19 08:22:36 | 000,000,000 | ---- | C] () -- C:\Users\User\AppData\Local\{CD19F5DD-0ED7-4320-8952-27689F7A390D}
[2011/07/18 22:17:25 | 000,049,701 | ---- | C] () -- C:\Users\User\Desktop\Chapter 3 - Balancing_5 - selected examples.pdf
[2011/07/18 20:11:47 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/18 19:48:49 | 000,063,258 | ---- | C] () -- C:\Users\User\Desktop\More Exact Solutions.pdf
[2011/07/18 12:39:01 | 001,018,443 | ---- | C] () -- C:\Users\User\Desktop\Tutorial-6-RC_WR.pdf
[2011/07/17 20:12:08 | 000,013,040 | ---- | C] () -- C:\Users\User\Desktop\Midterm list.pdf
[2011/07/16 22:56:49 | 000,008,511 | ---- | C] () -- C:\Users\User\Desktop\Outline of EME3026 Fluid Dynamics.pdf
[2011/07/16 07:58:28 | 000,214,016 | ---- | C] () -- C:\Users\User\Desktop\1407.Q16.1081100873.Eric Sim Chee Gee.ipt
[2011/07/14 11:53:39 | 000,002,969 | ---- | C] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/08 22:24:17 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/08 22:24:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/05 22:48:50 | 001,203,718 | ---- | C] () -- C:\Users\User\Desktop\IMG.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:40 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/19 15:52:02 | 000,001,520 | ---- | C] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/13 21:06:13 | 000,007,606 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/05/29 23:44:54 | 000,000,204 | ---- | C] () -- C:\Windows\System32\bdsecustat.dat
[2011/04/05 23:50:19 | 000,002,358 | ---- | C] () -- C:\Windows\SIM8052.INI
[2011/03/29 21:05:48 | 000,709,992 | ---- | C] () -- C:\Windows\System32\kindling.dll
[2011/03/17 09:09:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011/03/14 17:25:34 | 000,165,888 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 16:16:33 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/03/08 18:00:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/08 18:00:46 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/03/08 18:00:46 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/08 18:00:46 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/04 14:31:10 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/03/04 14:31:10 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/03/04 13:09:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/03/04 12:45:03 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2011/03/03 23:59:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/02 08:19:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2011/03/02 08:19:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2011/03/02 08:19:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2011/03/02 08:19:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2011/03/02 08:17:20 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2011/03/02 08:17:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2011/03/02 08:17:20 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2011/03/02 08:17:20 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2011/03/02 08:13:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/11/06 19:29:28 | 000,073,344 | ---- | C] () -- C:\Windows\System32\gtapi_signed.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:33:53 | 000,542,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,721,876 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,145,776 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 08:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 07:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/04 17:50:32 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsis_loader.dll
[2008/05/01 10:47:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/05/01 04:36:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/22 08:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/30 12:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/08/14 17:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 12:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2005/07/23 13:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2011/06/21 16:07:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2011/06/16 12:41:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/03/14 16:07:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Maxthon3
[2011/03/27 13:35:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PPLive
[2011/06/29 21:11:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Samsung
[2011/05/29 20:10:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SE_logs
[2011/06/12 01:34:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SogouExplorer
[2011/03/14 16:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TTPlayer
[2011/03/01 17:42:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WildTangent
[2011/03/14 16:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer
[2011/07/19 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/19 10:39:15 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/05/28 11:28:45 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011/03/04 13:03:41 | 000,001,719 | ---- | M] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk
[2011/03/04 13:03:41 | 000,001,719 | ---- | C] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk

< End of report >

7
Tech Clinic / msn messenger
« on: July 18, 2011, 07:25:48 AM »
Here's another log file


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7189

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18/7/2011 8:21:32 PM
mbam-log-2011-07-18 (20-21-32).txt

Scan type: Quick scan
Objects scanned: 183875
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{87CA3845-37FE-414C-81CF-E08A7D0F6779} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{988934A4-064B-11D3-BB80-00104B35E7F9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorer.AssocFile.HTM (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorer.HTTP (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SogouExplorerHTML (Adware.Sogou) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\thunder (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SogouExplorer.exe (Adware.Sogou) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://redirecturls.info/) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\thunder network\Thunder\ComDlls\xunleibho_now.dll (Trojan.BHO) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\489B.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\9F07.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\User\favorites\СÓÎÏ·.lnk (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\microsoft\internet explorer\quick launch\æô¶¯ internet explorer ä¯ààæ÷.lhk (Hijack.Trace) -> Quarantined and deleted successfully.

8
Tech Clinic / msn messenger
« on: July 18, 2011, 07:08:04 AM »
Here is the log file generated from OTL

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01443AEC-0FD1-40fd-9C87-E93D1494C233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01443AEC-0FD1-40fd-9C87-E93D1494C233}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Cgrwry deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Login access deleted successfully.
C:\Users\User\AppData\Roaming\windows.exe moved successfully.
========== FILES ==========
File\Folder C:\Users\User\AppData\Roaming\Cgrwry.exe not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\User\Desktop\cmd.bat deleted successfully.
C:\Users\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: User
->Flash cache emptied: 116382 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: User
->Temp folder emptied: 694785411 bytes
->Temporary Internet Files folder emptied: 138715812 bytes
->Java cache emptied: 203575 bytes
->Google Chrome cache emptied: 437313576 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3657113779 bytes
RecycleBin emptied: 1793185 bytes
 
Total Files Cleaned = 4,702.00 mb
 
 
OTL by OldTimer - Version 3.2.26.1 log created on 07182011_195803

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

9
Tech Clinic / msn messenger
« on: July 15, 2011, 12:48:11 AM »
Here's the link:
https://www.virustotal.com/file-scan/reanalysis.html?id=8aa9b9c970a58505b71c5b2ddbcb3916eec6fd9d11f0d8152026c7b0d33f23a8-1310707927

I can't find C:\Users\User\AppData\Roaming\Cgrwry.exe


Thanks again and have a good rest
=)

10
Tech Clinic / msn messenger
« on: July 15, 2011, 12:02:00 AM »
Here are the 2 log files that you asked me to post


OTL logfile created on: 15/7/2011 12:53:06 PM - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.49% Memory free
5.93 Gb Paging File | 4.44 Gb Available in Paging File | 74.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 53.11 Gb Free Space | 18.50% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2011/07/14 22:58:35 | 000,135,168 | -HS- | M] () -- C:\Users\User\AppData\Roaming\windows.exe
PRC - [2011/07/04 18:51:46 | 000,517,496 | ---- | M] (UUSEE) -- C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
PRC - [2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/06/09 11:14:38 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
PRC - [2010/12/21 18:51:40 | 000,946,480 | ---- | M] (深圳市迅雷网络技术有限公司) -- C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
PRC - [2010/12/21 18:51:20 | 000,157,488 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) -- c:\Program Files\Common Files\Thunder Network\TP\Ver1\1.1.2.46_1111\ThunderPlatform.exe
PRC - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009/11/16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/07/14 09:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/05/01 13:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 13:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/09/03 13:47:00 | 000,712,704 | ---- | M] (AuthenTec, Inc) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
PRC - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) -- C:\Windows\System32\TAMSvr.exe
PRC - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
PRC - [2008/07/25 15:41:56 | 000,094,208 | ---- | M] () -- C:\Program Files\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/25 04:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/03/20 05:35:44 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008/02/07 05:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/09/29 08:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/06/16 13:01:58 | 000,448,080 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
MOD - [2009/07/14 09:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011/06/30 09:27:39 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/22 22:34:49 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/21 18:52:26 | 000,038,704 | ---- | M] (ShenZhen Xunlei Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe -- (XLDoctor Services)
SRV - [2010/12/20 14:42:04 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/01/22 18:42:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009/11/16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/11/16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/09/02 07:06:00 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\System32\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/08/26 01:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/29 07:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 15:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/12 03:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/02/07 05:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/04 09:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/22 08:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/02/12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/12/11 12:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
SRV - [2006/08/24 08:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/02 13:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/06/02 13:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/06/02 13:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/06/02 13:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 18:51:38 | 000,008,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.4.2104_1\Program\tcphoc.sys -- (tcphoc)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/20 14:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/24 08:55:50 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/11/24 08:55:50 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/11/24 08:55:50 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/02/16 23:02:02 | 000,021,504 | ---- | M] (http://www.atmel.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2009/11/16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009/11/16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/11/16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2009/07/14 09:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 09:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 09:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 07:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 07:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 06:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/14 06:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 06:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2008/08/14 09:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 15:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/16 11:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 10:13:14 | 000,051,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008/03/04 10:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/15 02:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/10 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 07:36:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/10/24 08:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TSHS&bmod=TSHS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://redirecturls.info/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(500).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/03/14 15:47:54 | 000,000,000 | ---D | M]
 
[2010/09/10 14:19:24 | 000,305,152 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
 
O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ѸÀ×Á÷ýÌå̽²âIEÖ§³Ö) - {01443AEC-0FD1-40fd-9C87-E93D1494C233} -  File not found
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll (深圳市迅雷网络技术有限公司)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKLM..\Run: [UUSeeMediaCenter] C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe (UUSEE)
O4 - HKCU..\Run: [Cgrwry]  File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE (PPLive Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [Windows Login access] C:\Users\User\AppData\Roaming\windows.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm ()
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\getAllurl.htm ()
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm ()
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra 'Tools' menuitem : ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm ()
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra Button: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra 'Tools' menuitem : СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} -  File not found
O9 - Extra Button: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O9 - Extra 'Tools' menuitem : Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 () -
O24 - Desktop WallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\Wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/14 14:43:09 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell - "" = AutoRun
O33 - MountPoints2\{83906294-44bd-11e0-9d2c-001e651e719e}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/15 12:52:37 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/14 22:14:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{04102DC3-B938-4A5C-B989-D32D43F64E8D}
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Trend Micro
[2011/07/14 11:53:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/14 11:20:04 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Law
[2011/07/14 09:59:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E82959BC-2872-41B8-9013-4429065CEABA}
[2011/07/13 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F2C00B8-1E51-44BD-86FC-EF1F02EDF528}
[2011/07/13 09:09:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B5DB8918-EA86-4647-A959-DCF098FA7BC4}
[2011/07/12 21:08:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{528B3375-EDEE-4747-A5D5-81B8E4D969F1}
[2011/07/12 09:08:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00D010EC-C2D6-4068-8796-6BD54EFD9A7D}
[2011/07/11 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79FF6CD7-BF7E-417F-B26A-20B49B9507C1}
[2011/07/11 09:07:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{25727E4C-4DE5-450E-B968-61E2255350F7}
[2011/07/10 21:58:25 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New folder
[2011/07/10 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43F9A9EC-DCC9-4EE5-A7D7-3F6D14389F9B}
[2011/07/09 23:08:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C37D2A23-5355-4B2B-BFAD-8A01F38EEFC7}
[2011/07/09 10:43:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C1D932B0-2005-4A55-846A-D117BDC732F6}
[2011/07/08 22:24:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Facebook
[2011/07/08 21:49:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{458C3C56-507A-477E-BC3B-CA38083F4A13}
[2011/07/08 08:01:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{561C9EA4-F2A4-4C0F-9EF7-1EE6D5BFEFD6}
[2011/07/07 19:56:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{321CCB63-3AE3-4398-8EA2-5F605BE383D7}
[2011/07/07 10:21:21 | 000,000,000 | R--D | C] -- C:\Users\User\Documents\Scanned Documents
[2011/07/07 10:21:21 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Fax
[2011/07/07 07:55:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CAACA370-812A-4F2F-AB96-D577802DFE56}
[2011/07/06 11:09:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD154FAE-88C5-4342-831E-8ED4B83C8AB5}
[2011/07/05 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{34389F44-EC3A-4D3B-B04D-C0E9756F9BD3}
[2011/07/05 10:15:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0F6A88D5-A1D4-460F-BD1D-5E560A0C7CB5}
[2011/07/04 22:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3D0BEF60-2DAD-4E08-B473-7E2B8D67D7A2}
[2011/07/04 10:15:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C0116305-49C6-4534-BFF5-68B3F21CAC35}
[2011/07/03 22:04:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FF05CD1C-BBE9-4C36-9711-A146C831AC68}
[2011/07/02 19:19:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/07/02 19:19:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/07/02 19:19:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/07/02 17:52:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5FB1FFDD-499C-4BBA-987E-2FE2774AE286}
[2011/07/01 11:46:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{088F47F5-8BD0-4709-B229-3F9D33BB3D65}
[2011/06/30 21:15:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DC810AED-C3E7-4546-ADEF-D8D9B07FD6F5}
[2011/06/30 09:15:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4122331A-FE66-45CE-90FE-5481D1F9A416}
[2011/06/30 08:27:27 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/29 21:19:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Samsung
[2011/06/29 21:15:08 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys
[2011/06/29 21:15:08 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys
[2011/06/29 21:15:08 | 000,114,280 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadserd.sys
[2011/06/29 21:15:08 | 000,030,312 | ---- | C] (Google Inc) -- C:\Windows\System32\drivers\ssadadb.sys
[2011/06/29 21:15:08 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys
[2011/06/29 21:15:08 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcm.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys
[2011/06/29 21:15:08 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwh.sys
[2011/06/29 21:13:54 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2011/06/29 21:13:43 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2011/06/29 21:09:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2011/06/29 09:14:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A1128B04-7D38-4437-AD8F-D1D96324BD19}
[2011/06/28 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4FE80DCA-3E55-41EA-9DE9-86482F20F07D}
[2011/06/28 09:14:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{72DD4C4C-A9F1-40F0-9407-4AF92AE3F22F}
[2011/06/27 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{927FC774-F2DA-411E-BF77-24E77884889A}
[2011/06/27 09:13:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{74643326-B01C-4067-A086-CB370DCCD5FA}
[2011/06/26 15:58:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{13C2DE01-265B-48B1-BC23-71D4F17418CF}
[2011/06/25 15:33:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4F7C8D03-A0BF-4B3C-90D9-C3EAD837014C}
[2011/06/25 01:04:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{54674965-D6B1-4B49-AD6B-0420F4439025}
[2011/06/24 09:15:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91BEBD01-527D-4878-B38E-244A71C2F60C}
[2011/06/23 21:15:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E45BE562-D9E0-451E-AD91-F7602C1C2FA7}
[2011/06/23 11:25:25 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/23 09:14:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{260E5311-50F6-4B00-9569-A7EAD59165E2}
[2011/06/22 21:14:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{787C0372-ED3A-4FF9-B7AD-6097F6E4EEE4}
[2011/06/22 09:13:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{D3FEBD3A-D4C2-4A66-811C-D06D829BEED9}
[2011/06/21 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{08A546A2-161B-4D34-BAEC-A1D6E2121F70}
[2011/06/21 09:13:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B6838110-F542-421B-B6EE-80FBE71B5030}
[2011/06/20 20:42:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B11AD6AE-8398-4BA4-9C9A-62479C4F7DDA}
[2011/06/20 12:00:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{26E805D7-6EC2-4A6C-8658-15A4824BA907}
[2011/06/20 00:00:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47A34675-A7E0-47AE-9AA6-DF42E535095C}
[2011/06/19 13:11:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011/06/19 11:59:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{784B8043-91A0-44D4-8C93-88CEB1340B39}
[2011/06/19 11:40:05 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Dirt 3
[2011/06/19 11:23:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Autodesk,_Inc
[2011/06/19 10:52:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Autodesk
[2011/06/19 10:44:25 | 000,000,000 | ---D | C] -- C:\MITSI 2011 Temporary Files
[2011/06/19 10:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2011/06/19 10:13:49 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Inventor
[2011/06/18 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{82A7AF34-FB4B-4777-A71B-CC56A395F8CF}
[2011/06/18 11:58:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{688CEC2D-DA16-40D9-938F-5A1332D9DF75}
[2011/06/18 01:21:05 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\NFS Most Wanted
[2011/06/17 21:48:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E4F7566E-E8FD-47B1-9513-34616EE156A0}
[2011/06/17 09:47:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B3337826-69DE-418A-9B9A-2431EB62B96E}
[2011/06/16 21:47:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E79D3D19-2F7E-4765-81A3-D83E2D42725C}
[2011/06/16 12:41:43 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/06/16 12:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2011/06/16 11:33:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/06/16 11:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2011/06/16 11:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/06/16 11:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011/06/16 09:46:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{30F7E7E9-D323-4F61-B471-19B94F267608}
[2011/06/15 21:46:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0AD799EF-74F2-423B-8433-5D7D818CA32C}
[2011/03/17 09:09:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2011/03/17 09:09:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2011/03/17 09:09:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2011/03/17 09:09:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2011/03/17 09:09:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2011/03/17 09:09:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2011/03/17 09:09:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2011/03/17 09:09:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2011/03/17 09:09:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2011/03/17 09:09:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2011/03/17 09:09:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2011/03/17 09:09:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2011/03/17 09:09:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2 C:\Users\User\AppData\Roaming\*.tmp files -> C:\Users\User\AppData\Roaming\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/15 12:52:53 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011/07/15 12:52:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/15 12:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/15 10:42:19 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/15 10:39:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/15 08:53:10 | 000,002,234 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2011/07/15 08:53:10 | 000,002,111 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/15 07:55:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 07:55:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 07:55:05 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 02:30:38 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 02:30:38 | 000,005,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 00:32:20 | 003,950,612 | ---- | M] () -- C:\Users\User\Desktop\graphic method 001.jpg
[2011/07/14 22:58:35 | 000,135,168 | -HS- | M] () -- C:\Users\User\AppData\Roaming\windows.exe
[2011/07/14 20:39:22 | 001,340,701 | ---- | M] () -- C:\Users\User\Desktop\TOM2 001.jpg
[2011/07/14 20:38:22 | 001,244,017 | ---- | M] () -- C:\Users\User\Desktop\TOM1 001.jpg
[2011/07/14 20:37:29 | 000,151,552 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/14 19:52:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/14 19:26:12 | 020,350,781 | ---- | M] () -- C:\Users\User\Desktop\IMG (2).pdf
[2011/07/14 11:53:39 | 000,002,969 | ---- | M] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/14 11:20:58 | 000,721,876 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/14 11:20:58 | 000,145,776 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/13 17:18:17 | 002,280,398 | ---- | M] () -- C:\Users\User\Desktop\IMG (1).pdf
[2011/07/05 22:55:29 | 001,203,718 | ---- | M] () -- C:\Users\User\Desktop\IMG.pdf
[2011/07/05 19:38:43 | 000,029,097 | ---- | M] () -- C:\Users\User\Desktop\EME3066 Midterm Test Arrangement.pdf
[2011/06/30 08:27:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/29 21:13:58 | 000,001,934 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:41 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/19 19:25:43 | 000,542,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/19 15:52:02 | 000,001,520 | ---- | M] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/19 10:51:39 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2 C:\Users\User\AppData\Roaming\*.tmp files -> C:\Users\User\AppData\Roaming\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/15 00:33:21 | 003,950,612 | ---- | C] () -- C:\Users\User\Desktop\graphic method 001.jpg
[2011/07/14 22:58:45 | 000,135,168 | -HS- | C] () -- C:\Users\User\AppData\Roaming\windows.exe
[2011/07/14 20:39:22 | 001,340,701 | ---- | C] () -- C:\Users\User\Desktop\TOM2 001.jpg
[2011/07/14 20:38:22 | 001,244,017 | ---- | C] () -- C:\Users\User\Desktop\TOM1 001.jpg
[2011/07/14 19:21:42 | 020,350,781 | ---- | C] () -- C:\Users\User\Desktop\IMG (2).pdf
[2011/07/14 11:53:39 | 000,002,969 | ---- | C] () -- C:\Users\User\Desktop\HiJackThis.lnk
[2011/07/13 17:16:48 | 002,280,398 | ---- | C] () -- C:\Users\User\Desktop\IMG (1).pdf
[2011/07/08 22:24:17 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000UA.job
[2011/07/08 22:24:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2536658832-274290432-161746704-1000Core.job
[2011/07/05 22:48:50 | 001,203,718 | ---- | C] () -- C:\Users\User\Desktop\IMG.pdf
[2011/07/05 19:38:44 | 000,029,097 | ---- | C] () -- C:\Users\User\Desktop\EME3066 Midterm Test Arrangement.pdf
[2011/06/29 21:13:58 | 000,001,934 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/06/26 21:43:40 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini
[2011/06/23 11:25:23 | 417,266,955 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/19 15:52:02 | 000,001,520 | ---- | C] () -- C:\Users\User\Desktop\DiRT 3.lnk
[2011/06/19 10:51:39 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2011/06/18 01:27:27 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/13 21:06:13 | 000,007,606 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/05/29 23:44:54 | 000,000,204 | ---- | C] () -- C:\Windows\System32\bdsecustat.dat
[2011/04/05 23:50:19 | 000,002,358 | ---- | C] () -- C:\Windows\SIM8052.INI
[2011/03/29 21:05:48 | 000,709,992 | ---- | C] () -- C:\Windows\System32\kindling.dll
[2011/03/17 09:09:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2011/03/14 17:25:34 | 000,151,552 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 16:16:33 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/14 15:43:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/03/08 18:00:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/08 18:00:46 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/03/08 18:00:46 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/08 18:00:46 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/04 14:31:10 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/03/04 14:31:10 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/03/04 13:09:37 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/03/04 12:45:03 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2011/03/03 23:59:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/02 08:19:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2011/03/02 08:19:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2011/03/02 08:19:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2011/03/02 08:19:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2011/03/02 08:19:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2011/03/02 08:17:20 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2011/03/02 08:17:20 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2011/03/02 08:17:20 | 000,009,484 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2011/03/02 08:17:20 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2011/03/02 08:13:21 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/11/06 19:29:28 | 000,073,344 | ---- | C] () -- C:\Windows\System32\gtapi_signed.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/14 12:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:33:53 | 000,542,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 10:05:48 | 000,721,876 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 10:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 10:05:48 | 000,145,776 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 10:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 10:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 10:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 08:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 07:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/14 07:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/02/04 17:50:32 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsis_loader.dll
[2008/05/01 10:47:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/05/01 04:36:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/22 08:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/30 12:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/08/14 17:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 12:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2005/07/23 13:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== Files - Unicode (All) ==========
[2011/03/04 13:03:41 | 000,001,719 | ---- | M] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk
[2011/03/04 13:03:41 | 000,001,719 | ---- | C] ()(C:\Users\User\Desktop\????.lnk) -- C:\Users\User\Desktop\千千静听.lnk

< End of report >


Here is another


OTL Extras logfile created on: 15/7/2011 12:53:06 PM - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
 
2.97 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.49% Memory free
5.93 Gb Paging File | 4.44 Gb Available in Paging File | 74.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 53.11 Gb Free Space | 18.50% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\SogouExplorer\SogouExplorer.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uusee\UUSeePlayer.exe" = C:\Program Files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{08233ADA-AA4C-A977-58FD-DB6C684BE010}" = Catalyst Control Center Localization Norwegian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B4C7D42-323A-F3FD-5B18-0222082E6FDD}" = Catalyst Control Center Localization Dutch
"{0D348034-9CBE-19FC-19B0-B2CDC78E50F1}" = ccc-core-static
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{10B35323-BE1A-61FB-C4D1-E88F24147617}" = Catalyst Control Center Localization Thai
"{11FC2772-F7FD-21FD-614F-CE58BF52C398}" = Catalyst Control Center Localization Chinese Standard
"{12911298-DDB4-AD44-E530-AEB8127503C9}" = CCC Help Italian
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{156E98D0-1AEC-4013-A41A-94A1A01BFD68}" = O2Micro Flash Memory Card Reader Driver (x86)
"{1714616C-61CE-44D5-AF0B-53404D7FA83A}" = Catalyst Control Center Localization Korean
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18625A47-84A9-6F6C-3780-79221B6095C3}" = CCC Help Norwegian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3F57C7-8474-DF38-8F9F-0EBFB554FD56}" = Catalyst Control Center Localization Hungarian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{264324EA-35F7-AD77-CC96-F9F47A9A6284}" = Catalyst Control Center Localization Czech
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2A6F930B-12DA-AD4F-C4A4-E008F73A8016}" = CCC Help English
"{2AEC1EC0-0C01-8831-B04F-41FB4A92B677}" = Catalyst Control Center Localization Spanish
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{31326B80-1D01-4DBA-1DCA-A0731182A2E6}" = CCC Help Korean
"{31DD9FF4-23CD-7898-0305-70D806E2F7DB}" = CCC Help Japanese
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AC44A1-81C2-0A61-0EC0-59EFC503A1EA}" = Catalyst Control Center Localization Danish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{374E3A6E-A243-461D-BC0F-8B183A9950C5}" = FET@51
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DFE65B6-3AC9-C44A-1160-A449E0DFFE94}" = CCC Help Greek
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS En

11
Tech Clinic / msn messenger
« on: July 14, 2011, 03:24:10 AM »
Hi there,

My friend is complaining that my MSN Messenger keeps on sending links to them (but actually I didn't).

Can you help me to solve this problem?

Thanks

=)

Here is my HijackThis log file


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:21:13 PM, on 14/7/2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder.exe
C:\Windows\system32\wuauclt.exe
c:\program files\common files\thunder network\tp\ver1\1.1.2.46_1111\thunderplatform.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Desktop\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pp250.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.22.1466.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XunleiBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FingerPrintNotifer] "C:\Program Files\TrueSuite Access Manager\FpNotifier.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UUSeeMediaCenter] "C:\PROGRA~1\COMMON~1\uusee\UUSeeMediaCenter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [PPAP] "C:\Program Files\Common Files\PPLiveNetwork\PPAP.EXE"  -background
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Cgrwry] C:\Users\User\AppData\Roaming\Cgrwry.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O8 - Extra context menu item: ʹÓÃUUSee¼ÓËÙ²¥·Å - C:\Program Files\uusee\geturltoplay.htm
O8 - Extra context menu item: ʹÓÃUUSeeÏÂÔØ - C:\Program Files\uusee\geturltodown.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra 'Tools' menuitem: ²é¿´ÍøÒ³È«²¿Í¼Æ¬ - {548BF84E-9665-47f9-B635-7380F8943E90} - C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe
O9 - Extra button: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} - http://www.ugege.com/ (file missing)
O9 - Extra 'Tools' menuitem: СÓÎÏ· - {998A88A0-A355-809B-831C-B83A80000991} - http://www.ugege.com/ (file missing)
O9 - Extra button: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe
O9 - Extra 'Tools' menuitem: Æô¶¯UUSee ÍøÂçµçÊÓ - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files\uusee\UUSeePlayer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA2A7C06-0B16-40F4-8A8D-A55C9FC2FE40}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\Windows\system32\TAMSvr.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcr_device -   - C:\Windows\system32\lxcrcoms.exe
O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: XLDoctor Services - ShenZhen Xunlei Networking Technologies,LTD - C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 13029 bytes
