[Resolvido!] desktop limpo

LSkyWalker · Abril 1, 2010

bom dia!

Ao ligar o meu pc, ele entra direto no explorer, e meu desktop so mostra o meu papel de parede!

Pesquisei e achei varias coisas sobre esse erro, mas achei melhor pedir ajuda a vcs.

Muito obrigado!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:35:50, on 2010/04/01

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\nvsvc32.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\windows\system32\spoolsv.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\windows\system32\sdra64.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\windows\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\hijack\HiJackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\windows\system32\sdra64.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: McAfee Security Scan.lnk = ?

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {0172828C-CB7D-4C10-AF96-0ED9B52DCFDC} (GameOnG2GCtrl Class) - http://update.g2gcdn.com/g2g/g2gdownloader/GameOnG2G.cab

O16 - DPF: {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} (DMM Downloader) - http://sample3.dmm.co.jp/downloader5/DMMDownloader.cab

O16 - DPF: {134DD8EF-7716-4538-A430-EFEB7517E6E7} (StWbJpn Control) - http://sting.gamecom.jp/GameAuth/Launcher100218.cab

O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://cp-tekki.gameyarou.jp/_include/_common/Cab/GamehiSpecCheck.cab

O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab

O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://www.hangame.co.jp/publish/HgRunPub.cab

O16 - DPF: {7216BF69-1FB3-438C-9A51-9DA82B676BC0} (ArarioGameStarter6 Class) - http://crossfire.arario.jp/activeX/AraGameStarterW6.cab

O16 - DPF: {7602172A-95A0-407E-9D03-783803BD6E21} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab

O16 - DPF: {8C2E6E01-D1F6-4A94-B314-7C5DF4EE1853} (SpecAnalyzer Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGReport.cab

O16 - DPF: {9BEEA7FF-FF76-403C-B124-86D9835435F0} (GameChu Login Control) - https://file.eafifaonline.jp/dl/download/sessionctrl.cab

O16 - DPF: {BBA1ABFD-C9A1-41E8-959A-161F17E145D4} (G2GDownloader Class) - http://update.g2gcdn.com/g2g/g2gdownloader/G2GDownloader.cab

O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://cp-tekki.gameyarou.jp/_include/_common/cab/RedbananaAutoPlay.cab

O16 - DPF: {E2729F99-A050-4F4D-AE9F-7492C5532F49} (HgTAgent2 Extension Class) - http://down.hangame.co.jp/jp/dist/hgtagent2/hgtagent2.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab

O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--

End of file - 11480 bytes

DigRam · Abril 1, 2010

Bom Dia! LSkyWalke

<@> Baixe: < >

<@> < Link - 2 >

<@> < Link - 3 >

<@> Atualize o programa!

<@> Escolha o escaneamento Completo!

<@> Desabilite programas de proteção,ao executar o malwarebytes.

<@> Ps: Para determinadas infecções,a ferramenta pedirá reboot. <-- Confirme!

<@> Procure enviar os ítens detectados para a quarentena,clicando em Remover itens.

<@> Para maiores detalhes: < Link >

<@> Poste: mbam-log-2010-xx-xx (00-00-00).txt

00000000000000000000000

<@> Baixe: < > ( ...by OldTimer Tools )

<@> Salve-o no desktop!

<@> Segundo a imagem,mude a opção em "Output" para "Minimal Output".

<@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users".

<@> Marque as caixas:

<!> [] LOP check e [] Purity check

<@> Clique em: < > --> Aguarde!

<@> Poste:

<1> OTL.txt <--

<2> Extra.txt <--

Abraços!

LSkyWalker · Abril 1, 2010

nossa volto ao normal na hora!! :joia:

muito obrigado!!!

so q n consigo achar o log do malwarebytes, tento acessar o log pelo programa mas da erro ao tentar entrar.

mas tai o "OTL" e o "estra".

OTL logfile created on: 2010/04/01 23:13:49 - Run 1

OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Lucas\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free

5.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 244.14 Gb Total Space | 198.55 Gb Free Space | 81.32% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 274.85 Gb Free Space | 29.51% Space Free | Partition Type: NTFS

Drive E: | 221.62 Gb Total Space | 95.62 Gb Free Space | 43.15% Space Free | Partition Type: NTFS

Drive F: | 2.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

G: Drive not present or media not loaded

Drive H: | 0.00 Mb Total Space | 219.36 Mb Free Space | 44.62% Space Free | Partition Type: FAT

Drive I: | 1.89 Gb Total Space | 0.34 Gb Free Space | 17.78% Space Free | Partition Type: FAT

Computer Name: HIRAOKA-PC

Current User Name: Lucas

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Lucas\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)

PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

PRC - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)

PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)

PRC - C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe ()

PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()

PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)

PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)

PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Lucas\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll (ALWIL Software)

MOD - C:\WINDOWS\system32\imjp81k.dll (Microsoft Corporation)

MOD - C:\WINDOWS\ime\IMJP8_1\imjpcic.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\imjp81.ime (Microsoft Corporation)

MOD - C:\WINDOWS\ime\IMJP8_1\DICTS\imjpcd.dic (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (npggsvc) -- C:\windows\System32\GameMon.des (INCA Internet Co., Ltd.)

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)

SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()

SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)

SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)

SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe ()

SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)

SRV - (nSvcLog) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)

SRV - (ForcewareWebInterface) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe (Apache Software Foundation)

========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)

DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)

DRV - (tosrfnds) -- C:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)

DRV - (Tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)

DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)

DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)

DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)

DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.)

DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)

DRV - (CLBUDFR) -- C:\WINDOWS\system32\drivers\CLBUDFR.sys (CyberLink Corporation.)

DRV - (CLBStor) -- C:\WINDOWS\system32\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)

DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)

DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)

DRV - (P17) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.)

DRV - (AmdLLD) -- C:\WINDOWS\system32\drivers\AmdLLD.sys (AMD, Inc.)

DRV - (TBPanel) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows ® 2000 DDK provider)

DRV - (Cardex) -- C:\WINDOWS\system32\drivers\TBPanel.sys (Windows ® 2000 DDK provider)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)

DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys ()

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (NVTCP) -- C:\WINDOWS\system32\drivers\nvtcp.sys (NVIDIA Corporation)

DRV - (nvata) -- C:\windows\system32\DRIVERS\nvata.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)

DRV - (SI3132) -- C:\windows\system32\DRIVERS\SI3132.sys (Silicon Image, Inc.)

DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)

DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)

DRV - (SiFilter) -- C:\windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2009/07/27 07:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Mozilla\Firefox\extensions

[2009/07/27 07:50:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lucas\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2008/04/14 21:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [Ai Nap] C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe ()

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\windows\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)

O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0

O7 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-2025429265-1078145449-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)

O16 - DPF: {0172828C-CB7D-4C10-AF96-0ED9B52DCFDC} http://update.g2gcdn.com/g2g/g2gdownloader/GameOnG2G.cab (GameOnG2GCtrl Class)

O16 - DPF: {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} http://sample3.dmm.co.jp/downloader5/DMMDownloader.cab (DMM Downloader)

O16 - DPF: {134DD8EF-7716-4538-A430-EFEB7517E6E7} http://sting.gamecom.jp/GameAuth/Launcher100218.cab (StWbJpn Control)

O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} http://cp-tekki.gameyarou.jp/_include/_common/Cab/GamehiSpecCheck.cab (GamehiSpecCheck Control)

O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab (DLM Control)

O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://www.hangame.co.jp/publish/HgRunPub.cab (HgRunPub Class)

O16 - DPF: {7216BF69-1FB3-438C-9A51-9DA82B676BC0} http://crossfire.arario.jp/activeX/AraGameStarterW6.cab (ArarioGameStarter6 Class)

O16 - DPF: {7602172A-95A0-407E-9D03-783803BD6E21} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {8C2E6E01-D1F6-4A94-B314-7C5DF4EE1853} http://down.hangame.co.jp/jp/dist/hgstart/HGReport.cab (SpecAnalyzer Class)

O16 - DPF: {9BEEA7FF-FF76-403C-B124-86D9835435F0} https://file.eafifaonline.jp/dl/download/sessionctrl.cab (GameChu Login Control)

O16 - DPF: {BBA1ABFD-C9A1-41E8-959A-161F17E145D4} http://update.g2gcdn.com/g2g/g2gdownloader/G2GDownloader.cab (G2GDownloader Class)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} http://cp-tekki.gameyarou.jp/_include/_common/cab/RedbananaAutoPlay.cab (RedbananaVistaPlay Class)

O16 - DPF: {E2729F99-A050-4F4D-AE9F-7492C5532F49} http://down.hangame.co.jp/jp/dist/hgtagent2/hgtagent2.cab (HgTAgent2 Extension Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab (Creative Software AutoUpdate Support Package)

O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Lucas\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lucas\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/05/10 20:01:08 | 000,000,054 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{35ad2ddb-7a33-11de-bed4-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{35ad2ddb-7a33-11de-bed4-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{35ad2ddb-7a33-11de-bed4-806d6172696f}\Shell\AutoRun\command - "" = F:\.\Bin\Assetup.exe -- [2006/09/22 20:45:00 | 000,147,456 | R--- | M] ()

O33 - MountPoints2\{3e46d5ea-79f7-11de-bf80-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{3e46d5ea-79f7-11de-bf80-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{3e46d5ea-79f7-11de-bf80-806d6172696f}\Shell\AutoRun\command - "" = F:\.\Bin\Assetup.exe -- [2006/09/22 20:45:00 | 000,147,456 | R--- | M] ()

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Bin\Assetup.exe -- [2006/09/22 20:45:00 | 000,147,456 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/01 23:12:32 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lucas\Desktop\OTL.exe

[2010/04/01 23:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2010/04/01 23:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/04/01 23:10:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2010/04/01 23:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan

[2010/04/01 22:21:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\Malwarebytes

[2010/04/01 22:21:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2010/04/01 22:21:37 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2010/04/01 22:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/04/01 15:35:26 | 000,000,000 | ---D | C] -- C:\hijack

[2010/04/01 12:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles

[2010/03/30 20:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2010/03/29 19:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\Siena the Queen

[2010/03/28 23:51:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\My Documents\CFSystem

[2010/03/28 23:50:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\Arario

[2010/03/28 23:47:37 | 000,000,000 | ---D | C] -- C:\Program Files\Arario

[2010/03/28 09:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\OGPlanet

[2010/03/26 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar

[2010/03/26 22:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\DAEMON Tools Lite

[2010/03/26 21:45:53 | 000,000,000 | ---D | C] -- C:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

[2010/03/25 18:39:20 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys

[2010/03/18 12:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment

[2010/03/18 12:13:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\ヤブサメ

[2010/03/17 17:52:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\Thinstall

[2010/03/09 20:42:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Local Settings\Application Data\CoreEdge

[2010/03/09 20:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Local Settings\Application Data\Downloaded Installations

[2010/03/09 02:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\Silver

[2010/03/09 02:22:04 | 000,304,128 | ---- | C] (InstallShield Software Corporation) -- C:\windows\IsUninst.exe

[2010/03/09 02:22:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\WINDOWS

[2010/03/07 10:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lucas\Application Data\Ubisoft

[2010/03/07 10:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ubisoft

[2010/03/07 09:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft

[2010/03/06 00:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real

[2010/03/05 10:43:17 | 000,000,000 | -H-D | C] -- C:\windows\PIF

[2010/02/05 18:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google

[2010/02/05 18:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2009/08/27 17:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple

[2009/07/29 15:56:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Lucas\Application Data\pcouffin.sys

[2009/07/26 23:55:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2009/07/26 23:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2009/07/26 23:52:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2009/07/26 23:52:45 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[2003/06/25 10:31:10 | 000,019,456 | ---- | C] ( ) -- C:\windows\System32\cook3260.dll

[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[2 C:\Documents and Settings\Lucas\My Documents\*.tmp files -> C:\Documents and Settings\Lucas\My Documents\*.tmp -> ]

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/01 23:15:00 | 000,000,422 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{03C27DEC-8CCD-4BC9-B350-2A61B9AA147B}.job

[2010/04/01 23:12:34 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lucas\Desktop\OTL.exe

[2010/04/01 23:10:14 | 000,001,028 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/04/01 23:10:14 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT

[2010/04/01 23:10:10 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat

[2010/04/01 23:09:00 | 007,077,888 | -H-- | M] () -- C:\Documents and Settings\Lucas\NTUSER.DAT

[2010/04/01 23:09:00 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Lucas\ntuser.ini

[2010/04/01 23:08:54 | 005,854,788 | -H-- | M] () -- C:\Documents and Settings\Lucas\Local Settings\Application Data\IconCache.db

[2010/04/01 22:30:18 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\Lucas\Desktop\Skype.lnk

[2010/04/01 22:29:00 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/04/01 22:21:41 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/04/01 17:45:00 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job

[2010/04/01 12:44:49 | 000,093,460 | ---- | M] () -- C:\windows\System32\NvApps.xml

[2010/04/01 03:34:18 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl

[2010/04/01 03:03:15 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\Lucas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/03/31 17:03:34 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys

[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2010/03/29 23:22:00 | 000,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2010/03/29 20:38:09 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\Lucas\Desktop\Shortcut to CabalMain.lnk

[2010/03/29 20:25:15 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Lucas\Desktop\BS.Player PRO.lnk

[2010/03/29 20:14:26 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\Lucas\Application Data\default.rss

[2010/03/29 20:14:14 | 000,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini

[2010/03/28 23:49:09 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\Lucas\Desktop\クロスファイア.lnk

[2010/03/27 09:28:55 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

[2010/03/26 23:33:25 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat

[2010/03/26 23:33:25 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat

[2010/03/26 22:52:22 | 000,691,696 | ---- | M] () -- C:\windows\System32\drivers\sptd.sys

[2010/03/25 18:39:15 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\windows\System32\drivers\SBREDrv.sys

[2010/03/25 01:27:08 | 000,001,499 | ---- | M] () -- C:\Documents and Settings\Lucas\My Documents\mus.m3u

[2010/03/23 18:31:38 | 000,000,073 | ---- | M] () -- C:\windows\cdplayer.ini

[2010/03/23 18:28:10 | 000,001,074 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ss.ini

[2010/03/18 19:14:24 | 000,033,813 | ---- | M] () -- C:\windows\Ascd_tmp.ini

[2010/03/18 14:54:36 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Lucas\My Documents\職務経歴書.doc

[2010/03/18 08:56:09 | 000,000,234 | ---- | M] () -- C:\windows\wininit.ini

[2010/03/11 22:12:29 | 000,196,960 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2010/03/11 21:18:33 | 000,045,320 | ---- | M] () -- C:\Documents and Settings\Lucas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/03/11 03:02:01 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK

[2010/03/09 02:35:53 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\Lucas\Desktop\Silver.lnk

[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[2 C:\Documents and Settings\Lucas\My Documents\*.tmp files -> C:\Documents and Settings\Lucas\My Documents\*.tmp -> ]

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/01 22:21:41 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/03/29 20:38:09 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\Lucas\Desktop\Shortcut to CabalMain.lnk

[2010/03/28 23:49:09 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\Lucas\Desktop\クロスファイア.lnk

[2010/03/27 09:28:55 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini

[2010/03/26 22:55:31 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat

[2010/03/26 22:55:31 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat

[2010/03/25 18:40:23 | 000,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job

[2010/03/25 01:27:08 | 000,001,499 | ---- | C] () -- C:\Documents and Settings\Lucas\My Documents\mus.m3u

[2010/03/23 18:31:23 | 000,000,073 | ---- | C] () -- C:\windows\cdplayer.ini

[2010/03/23 18:28:10 | 000,001,074 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini

[2010/03/18 19:14:23 | 000,033,813 | ---- | C] () -- C:\windows\Ascd_tmp.ini

[2010/03/18 11:20:28 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Lucas\My Documents\職務経歴書.doc

[2010/03/18 00:58:32 | 000,000,234 | ---- | C] () -- C:\windows\wininit.ini

[2010/03/09 02:35:53 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\Lucas\Desktop\Silver.lnk

[2010/02/15 01:51:47 | 000,000,121 | ---- | C] () -- C:\windows\SeraphInstall.INI

[2009/09/15 02:22:07 | 000,102,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2009/09/13 20:31:05 | 000,000,361 | ---- | C] () -- C:\windows\lgfwup.ini

[2009/09/03 15:16:40 | 000,000,558 | ---- | C] () -- C:\windows\DFC.INI

[2009/09/03 08:52:31 | 001,662,976 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll

[2009/09/03 08:52:31 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll

[2009/09/03 08:52:30 | 001,470,464 | ---- | C] () -- C:\windows\System32\nview.dll

[2009/09/03 08:52:30 | 000,581,632 | ---- | C] () -- C:\windows\System32\nvhwvid.dll

[2009/09/03 08:52:30 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll

[2009/09/03 08:52:30 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll

[2009/08/20 22:59:59 | 000,000,241 | ---- | C] () -- C:\Documents and Settings\Lucas\Application Data\default.rss

[2009/08/06 16:29:18 | 000,000,025 | ---- | C] () -- C:\windows\CDE PXA640.ini

[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\windows\System32\physxcudart_20.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll

[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll

[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll

[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll

[2009/07/29 19:04:47 | 000,005,112 | ---- | C] () -- C:\windows\version.ini

[2009/07/29 15:56:22 | 000,000,014 | ---- | C] () -- C:\windows\System32\systeminfo3.dll

[2009/07/29 15:56:19 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Lucas\Application Data\pcouffin.log

[2009/07/29 15:56:16 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Lucas\Application Data\inst.exe

[2009/07/29 15:56:16 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Lucas\Application Data\pcouffin.cat

[2009/07/29 15:56:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Lucas\Application Data\pcouffin.inf

[2009/07/29 09:01:02 | 000,005,194 | ---- | C] () -- C:\windows\System32\Setup2k.ini

[2009/07/29 09:01:02 | 000,000,197 | ---- | C] () -- C:\windows\System32\presetup.ini

[2009/07/27 22:47:41 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys

[2009/07/27 21:38:28 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\Lucas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/07/27 20:07:13 | 000,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini

[2009/07/27 18:35:28 | 000,004,767 | ---- | C] () -- C:\windows\Irremote.ini

[2009/07/27 00:39:56 | 000,212,992 | ---- | C] () -- C:\windows\System32\nvapi.dll

[2009/07/27 00:28:38 | 000,003,628 | ---- | C] () -- C:\windows\System32\AudioDrv.ini

[2009/07/27 00:28:06 | 000,005,663 | ---- | C] () -- C:\windows\System32\ludap17.ini

[2009/07/27 00:28:06 | 000,000,072 | ---- | C] () -- C:\windows\System32\ctzapxx.ini

[2009/07/27 00:23:27 | 000,024,576 | ---- | C] () -- C:\windows\System32\AsIO.dll

[2009/07/27 00:23:27 | 000,012,664 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys

[2009/07/27 00:23:26 | 000,012,096 | ---- | C] () -- C:\windows\System32\drivers\AsInsHelp64.sys

[2009/07/27 00:23:26 | 000,010,304 | ---- | C] () -- C:\windows\System32\drivers\AsInsHelp32.sys

[2009/07/26 23:59:55 | 000,000,962 | ---- | C] () -- C:\windows\System32\AsusSetup.ini

[2009/07/26 23:59:55 | 000,000,403 | ---- | C] () -- C:\windows\System32\raidmgmt.ini

[2009/07/26 23:57:53 | 000,034,186 | ---- | C] () -- C:\windows\Ascd_log.ini

[2009/07/26 23:57:32 | 000,005,810 | ---- | C] () -- C:\windows\System32\drivers\ASACPI.sys

[2009/07/26 23:57:16 | 000,010,288 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS

[2007/12/28 17:32:14 | 000,065,536 | ---- | C] () -- C:\windows\System32\P17.dll

[2003/10/02 19:48:18 | 000,053,248 | ---- | C] () -- C:\windows\System32\P17CPI.dll

========== LOP Check ==========

[2010/02/07 02:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA

[2010/03/07 10:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft

[2009/10/11 10:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TOSHIBA

[2010/03/28 23:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Arario

[2010/02/15 01:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\BDL+D

[2009/09/10 00:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Beelzebub

[2010/03/29 20:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\BSplayer PRO

[2010/03/26 23:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\DAEMON Tools Lite

[2010/04/01 23:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Desktopicon

[2009/08/09 23:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\DooGA Co.,Ltd

[2009/11/07 10:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Flood Light Games

[2010/03/08 00:26:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lucas\Application Data\Hangame

[2010/02/28 22:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\HgTAgent

[2009/09/14 22:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\ImgBurn

[2009/08/16 22:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\SEGA

[2010/03/17 17:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Thinstall

[2009/10/11 18:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\TOSHIBA

[2010/03/07 10:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Ubisoft

[2010/04/01 23:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\uTorrent

[2009/07/29 15:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\Vso

[2010/03/18 12:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lucas\Application Data\ヤブサメ

[2009/10/11 10:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lucas2\Application Data\TOSHIBA

[2010/03/29 23:22:00 | 000,000,472 | ---- | M] () -- C:\windows\Tasks\Ad-Aware Update (Weekly).job

[2010/04/01 23:15:00 | 000,000,422 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{03C27DEC-8CCD-4BC9-B350-2A61B9AA147B}.job

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 2010/04/01 23:14:01 - Run 1