1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

RunDLL error"The specified module could not be found."

Discussion in 'Virus & Other Malware Removal' started by Xdflames, Aug 22, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    Hello, first post and was hoping you guys could help me out here.
    I have been having this error for quite a while now, I suppose it happened because of me deleting something I wasn't supposed to on accident.

    On start-up I get the error message titled RunDLL that says:

    There was a problem starting
    c:\Users\---\AppData\Roaming\atvshgtm.dll

    The specified module could not be found.

    Running Windows 7 64 bit. Any help is appreciated.

    Edit: Just to point out, there is only an "OK" option afterwards, which I can click and it will run fine. The first time it popped up I looked around and couldn't find anything, then afterwards I ended up ignoring it for a while.
     
  2. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,047
    Please click HERE to download and install HijackThis.

    Run it and select Do a system scan and save a logfile from the Main Menu.

    The log will be saved in Notepad. Copy and paste the log in your next reply.

    IMPORTANT: Do not "Fix" anything


    If Windows is denying access to the Hosts file, disable the UAC and run HijackThis again.
     
  3. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    Here it is.
    ----------------------------------

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:55:22 PM, on 8/22/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16800)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\AlienRespawn\Toaster.exe
    C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Windows Explorer] rundll32.exe "C:\Users\Ben\AppData\Roaming\atvshgtm.dll",EntryPoint
    O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: AWMouseCI.lnk = C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BPowMon\BPowMon.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: lxeb_device - Unknown owner - C:\Windows\system32\lxebcoms.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10374 bytes
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,047
    As I suspected, your computer is infected. Please click on Report and kindly ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. The malware removal experts are very busy! You should get an answer within the next 48 hours.
     
  5. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    I do not think my computer is infected, but I will do as you asked.

    Here is the DDS with the Attach attached to the post as asked. Also, this is off-topic, but could you tell me why I have more then one Conhost's running in my processes? It has been doing that ever since I got my computer.
    -------------------------------
    .
    DDS (Ver_2011-06-23.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
    Run by Ben at 17:17:50 on 2011-08-22
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6135.4202 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\Broadcom\BPowMon\BPowMon.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Windows\system32\lxebcoms.exe
    C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\AlienRespawn\sftservice.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    C:\Program Files\Alienware\Command Center\ThermalController.exe
    C:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\AlienRespawn\Toaster.exe
    C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Alienware\Command Center\RemotingServiceController.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Alienware\Command Center\DoorController.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.alienware.com/
    uDefault_Page_URL = hxxp://www.alienware.com/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    uRun: [Windows Explorer] rundll32.exe "C:\Users\Ben\AppData\Roaming\atvshgtm.dll",EntryPoint
    uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AWMOUS~1.LNK - C:\Program Files (x86)\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: Interfaces\{E7968A59-B590-4F57-A315-6D4DE7D3DC45} : DhcpNameServer = 74.128.19.102 74.128.17.114
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRunOnce-x64: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\achh3cjg.default\
    FF - prefs.js: browser.startup.homepage - www.igoogle.com
    FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-4 14648]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 BPowMon;Broadcom Power monitoring service;C:\Program Files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-8-4 2329480]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-23 13336]
    R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2010-12-23 705856]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 AWOPFilterDriver;AWOPFilterDriver;\??\C:\Windows\system32\drivers\AWOPFilterDriver.sys --> C:\Windows\system32\drivers\AWOPFilterDriver.sys [?]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-08-22 20:45:55 388096 ----a-r- C:\Users\Ben\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-08-22 20:45:54 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-08-22 19:53:38 -------- d-----w- C:\Users\Ben\AppData\Local\{F72284A0-A704-4D6C-84B5-DF7C99C83A75}
    2011-08-22 19:53:27 -------- d-----w- C:\Users\Ben\AppData\Local\{738ADF71-5959-4183-A02E-5C5960FC4C06}
    2011-08-22 02:39:10 -------- d-----w- C:\Users\Ben\AppData\Local\{15B5DDA6-52A8-4A6A-8D0E-FB4FE76A58D8}
    2011-08-22 02:38:37 -------- d-----w- C:\Users\Ben\AppData\Local\{7FDAF9F0-0EE6-449E-821E-DA6FD0FB3BD4}
    2011-08-21 23:40:14 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6ADBA92E-DF1F-4B2D-9721-43285E4D4288}\mpengine.dll
    2011-08-21 14:38:06 -------- d-----w- C:\Users\Ben\AppData\Local\{634446C5-2CC2-4884-9CCA-0CF275247B7C}
    2011-08-21 14:37:53 -------- d-----w- C:\Users\Ben\AppData\Local\{6C56C878-2B0A-4ED5-A52E-FA3615CF8038}
    2011-08-20 16:08:02 -------- d-----w- C:\Users\Ben\AppData\Local\{27687CD2-61E5-4EEB-AC48-78C0C547C836}
    2011-08-20 16:07:51 -------- d-----w- C:\Users\Ben\AppData\Local\{FA96B01D-52A7-43CA-B1B4-64E2635962D7}
    2011-08-19 20:42:07 -------- d-----w- C:\Users\Ben\AppData\Local\{BFE0C3D4-13EC-426E-85D2-8F231EC0A2E0}
    2011-08-19 20:41:56 -------- d-----w- C:\Users\Ben\AppData\Local\{5B48B9F1-954E-4087-AC2F-440CBE3D4589}
    2011-08-18 20:25:14 -------- d-----w- C:\Users\Ben\AppData\Local\{1A69BC32-4F5F-431A-BD3D-EB683E8F9D37}
    2011-08-18 20:25:02 -------- d-----w- C:\Users\Ben\AppData\Local\{317A8AA8-E9D6-497E-BBB8-BE0F0A6D7A04}
    2011-08-17 20:00:31 -------- d-----w- C:\Users\Ben\AppData\Local\{2B7ACA1D-2368-464E-BA70-DFAF96DD5F95}
    2011-08-17 20:00:18 -------- d-----w- C:\Users\Ben\AppData\Local\{D95B02C9-AC43-4077-BA83-0DE5D817B0CF}
    2011-08-16 17:16:00 -------- d-----w- C:\Users\Ben\AppData\Local\{F8234D12-6263-4A6E-8AA2-CA9DC3F93059}
    2011-08-16 17:15:26 -------- d-----w- C:\Users\Ben\AppData\Local\{C9C2AF20-2E7D-4E30-AB71-F2897C9B84FC}
    2011-08-16 15:27:10 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
    2011-08-16 05:15:01 -------- d-----w- C:\Users\Ben\AppData\Local\{DB0BD9FE-F9EF-4CEA-A209-5BCA2975C7A6}
    2011-08-16 05:14:27 -------- d-----w- C:\Users\Ben\AppData\Local\{13758CCA-2927-47A8-B067-E3926EC4BB90}
    2011-08-15 17:14:15 -------- d-----w- C:\Users\Ben\AppData\Local\{B708E39F-3195-4C50-8C97-C0018C892E2F}
    2011-08-15 17:13:42 -------- d-----w- C:\Users\Ben\AppData\Local\{4E5099D5-A51A-44E0-80C3-838DC89BEEF6}
    2011-08-15 05:13:17 -------- d-----w- C:\Users\Ben\AppData\Local\{7E0E35B1-B5E1-4902-B00C-933A899AA41F}
    2011-08-15 05:12:45 -------- d-----w- C:\Users\Ben\AppData\Local\{115125E1-78D2-4150-B8A8-B84794DD7C0C}
    2011-08-14 17:12:19 -------- d-----w- C:\Users\Ben\AppData\Local\{35871A5C-5B23-4507-B131-DEB426B65476}
    2011-08-14 17:11:52 -------- d-----w- C:\Users\Ben\AppData\Local\{1D842A12-9949-448A-BD54-3DEF3056D1A3}
    2011-08-13 18:03:09 -------- d-----w- C:\Users\Ben\AppData\Local\{D919D427-0217-4639-9425-F11AEB17890F}
    2011-08-13 18:02:45 -------- d-----w- C:\Users\Ben\AppData\Local\{448DC873-D195-43F5-8F7B-E50B1B17ADB2}
    2011-08-13 05:17:52 -------- d-----w- C:\Users\Ben\AppData\Local\{D49CF5BE-13F5-471C-8262-C392475DD418}
    2011-08-13 05:17:19 -------- d-----w- C:\Users\Ben\AppData\Local\{14F2E2D0-695E-44A6-9BD3-1EBDEFC5AB09}
    2011-08-12 17:16:53 -------- d-----w- C:\Users\Ben\AppData\Local\{EDF1A7FA-2504-4302-90D0-A36E4769C668}
    2011-08-12 17:16:20 -------- d-----w- C:\Users\Ben\AppData\Local\{D2C69EEE-5B82-4B10-A000-8878D5DA9474}
    2011-08-12 05:15:55 -------- d-----w- C:\Users\Ben\AppData\Local\{4005ED97-48C9-4762-81B3-3E07FE69031A}
    2011-08-12 05:15:22 -------- d-----w- C:\Users\Ben\AppData\Local\{A7A2C386-15BB-4C44-AB1A-6F36F2BCF5EA}
    2011-08-11 17:15:09 -------- d-----w- C:\Users\Ben\AppData\Local\{CC10CBC9-F30B-4E34-B363-CFC60A7C308B}
    2011-08-11 17:14:37 -------- d-----w- C:\Users\Ben\AppData\Local\{4BE2F749-3C89-4F05-911B-7D96DE313807}
    2011-08-11 16:22:15 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DAD5597A-FF17-4568-B9BD-CB37A90EE054}\gapaengine.dll
    2011-08-11 05:14:12 -------- d-----w- C:\Users\Ben\AppData\Local\{72997A44-F610-48B3-ACBC-C328D56C7BA2}
    2011-08-11 05:13:38 -------- d-----w- C:\Users\Ben\AppData\Local\{956CD10C-53BC-4B98-AA26-E534C3BF23FE}
    2011-08-10 17:13:25 -------- d-----w- C:\Users\Ben\AppData\Local\{861DA62C-0101-44CE-BDFC-9DB0BF5B7838}
    2011-08-10 17:12:52 -------- d-----w- C:\Users\Ben\AppData\Local\{582DDA31-EDD2-4CE0-93A0-46EE2FCE4BB9}
    2011-08-10 05:12:28 -------- d-----w- C:\Users\Ben\AppData\Local\{D073D85A-519F-479E-907B-EE27B78A7F05}
    2011-08-10 05:11:55 -------- d-----w- C:\Users\Ben\AppData\Local\{14EBEEBD-6A85-41AC-9DC9-593172549E00}
    2011-08-09 17:11:42 -------- d-----w- C:\Users\Ben\AppData\Local\{2A487D99-3F08-4CF2-AB5A-6F2041D4EFB4}
    2011-08-09 17:11:09 -------- d-----w- C:\Users\Ben\AppData\Local\{8F7AE3A0-E4E1-4715-9539-F0AEF0214890}
    2011-08-09 05:10:45 -------- d-----w- C:\Users\Ben\AppData\Local\{BDC2B8D9-7B53-408A-AA59-D2029719EB4C}
    2011-08-09 05:10:11 -------- d-----w- C:\Users\Ben\AppData\Local\{2D959B95-CBF6-468E-BA82-2CAA3650ACBA}
    2011-08-08 17:09:55 -------- d-----w- C:\Users\Ben\AppData\Local\{DAC22408-CF29-47D2-A93B-894D77080B47}
    2011-08-08 17:09:33 -------- d-----w- C:\Users\Ben\AppData\Local\{48C1AAD5-233A-4228-9612-3A7F078D2992}
    2011-08-07 20:58:27 -------- d-----w- C:\Users\Ben\AppData\Local\{E9A8CD52-8228-4E59-9F2B-DFB06FC5F833}
    2011-08-07 20:58:03 -------- d-----w- C:\Users\Ben\AppData\Local\{F08C52E8-687D-4D8B-956F-7D14EE747326}
    2011-08-07 00:40:12 -------- d-----w- C:\Users\Ben\AppData\Local\{B9779C1E-B044-4E17-8AAB-5785BE228D19}
    2011-08-05 23:43:16 -------- d-----w- C:\Users\Ben\AppData\Local\{DA0F01B5-FB4D-4A4C-9573-F86CAF65BB3B}
    2011-08-05 23:43:03 -------- d-----w- C:\Users\Ben\AppData\Local\{C25695D4-080E-430A-975D-F42F8215668D}
    2011-08-05 17:12:26 -------- d-----w- C:\Users\Ben\AppData\Local\{24537CA9-0A94-4C41-8678-403ACB90586E}
    2011-08-05 07:27:32 -------- d-----w- C:\Program Files\iTunes
    2011-08-05 07:27:32 -------- d-----w- C:\Program Files\iPod
    2011-08-05 07:26:16 -------- d-----w- C:\Program Files\Bonjour
    2011-08-05 07:26:16 -------- d-----w- C:\Program Files (x86)\Bonjour
    2011-08-05 03:42:14 -------- d-----w- C:\Users\Ben\AppData\Local\{05D32B02-1430-426E-B750-31C3DE4DC4D6}
    2011-08-05 03:41:41 -------- d-----w- C:\Users\Ben\AppData\Local\{9CB8FFA6-E81C-4F78-8A1C-05BF8BECB4CE}
    2011-08-04 15:41:26 -------- d-----w- C:\Users\Ben\AppData\Local\{80779EC2-49FA-48F2-BFCE-6C022C020F15}
    2011-08-03 19:18:15 -------- d-----w- C:\Users\Ben\AppData\Local\{33A3D0A9-16A6-4BAF-BDC6-3A4FA21D674F}
    2011-08-02 19:59:40 -------- d-----w- C:\Users\Ben\AppData\Local\{A8E18409-BF4E-4E6E-A9F6-1D747AACD282}
    2011-08-01 20:58:29 -------- d-----w- C:\Users\Ben\AppData\Local\{4782AA2E-83CB-4A6D-B9F6-D2152CFA3A59}
    2011-08-01 07:45:05 -------- d-----w- C:\Users\Ben\AppData\Local\{71730BE9-14F9-4D49-831C-1433A4AA54FC}
    2011-07-31 21:04:33 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2011-07-31 21:04:25 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
    2011-07-31 20:54:56 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2011-07-31 20:53:55 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2011-07-31 20:53:55 31232 ----a-w- C:\Windows\System32\prevhost.exe
    2011-07-31 19:44:17 -------- d-----w- C:\Users\Ben\AppData\Local\{CD982A03-AE27-450C-8561-F4DFE56303EB}
    2011-07-31 10:52:07 -------- d-----w- C:\Users\Ben\AppData\Local\VeniceAlphaTrial
    2011-07-31 10:52:07 -------- d-----w- C:\Users\Ben\AppData\Local\BF3
    2011-07-31 10:51:49 -------- d-----w- C:\Program Files (x86)\BF3 Alpha Trial Web Plugins
    2011-07-31 10:50:56 -------- d-----w- C:\ProgramData\EA Core
    2011-07-31 10:27:45 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
    2011-07-31 09:53:06 -------- d-----w- C:\ProgramData\Electronic Arts
    2011-07-31 08:17:47 51600 ----a-w- C:\Windows\System32\drivers\dsiarhwprog_x64.sys
    2011-07-31 04:43:07 -------- d-----w- C:\Users\Ben\AppData\Local\Oblivion
    2011-07-31 00:02:21 -------- d-----w- C:\Users\Ben\AppData\Local\{1E8273FA-8AAD-4685-B58D-AA1236681124}
    2011-07-30 18:11:37 -------- d-----w- C:\Users\Ben\AppData\Local\{D4C1C9F6-0046-41CB-B107-624FA0EA8C7C}
    2011-07-30 06:10:50 -------- d-----w- C:\Users\Ben\AppData\Local\{7D3564E4-4EAC-4E11-B0A3-7599DE1D86B9}
    2011-07-29 18:10:00 -------- d-----w- C:\Users\Ben\AppData\Local\{9FDFF96D-966F-40B3-825C-FCC9AD7107DA}
    2011-07-29 01:32:32 -------- d-----w- C:\Users\Ben\AppData\Roaming\TerrariaWorldViewer
    2011-07-28 18:08:16 -------- d-----w- C:\Users\Ben\AppData\Local\{2E3E2040-FA69-45A4-BAE3-7070238204DB}
    2011-07-27 18:58:19 -------- d-----w- C:\Down
    2011-07-27 18:57:58 -------- d-----w- C:\Windyzone
    2011-07-27 18:57:38 -------- d-----w- C:\Users\Ben\AppData\Local\{C450B427-6303-4DBB-8B98-33F42F4FD222}
    2011-07-27 02:37:05 -------- d-----w- C:\Program Files (x86)\Perfectworld Entertainment
    2011-07-26 19:06:14 -------- d-----w- C:\Users\Ben\AppData\Local\{568710B3-F100-4900-A0B1-9FD4DAA723AB}
    2011-07-26 09:49:50 -------- d-----w- C:\Program Files\Paint.NET
    2011-07-26 09:49:35 -------- d-----w- C:\Users\Ben\AppData\Local\Paint.NET
    2011-07-26 09:30:52 -------- d-----w- C:\ProgramData\Pure Networks
    2011-07-26 05:14:48 -------- d-----w- C:\Users\Ben\AppData\Roaming\Windows Live Writer
    2011-07-26 05:14:48 -------- d-----w- C:\Users\Ben\AppData\Local\Windows Live Writer
    2011-07-26 05:13:42 -------- d-----w- C:\Users\Ben\AppData\Local\{81041410-FD1F-4CE7-957F-A67D30C75787}
    2011-07-26 05:11:12 -------- d-----w- C:\Windows\en
    2011-07-26 05:08:40 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-07-25 22:09:02 -------- d-----w- C:\Users\Ben\AppData\Local\{89A5987F-AD7E-42A8-8FA5-9FE013799831}
    2011-07-24 20:31:45 -------- d-----w- C:\Users\Ben\AppData\Local\{E8CBF004-5F9C-406A-8774-D9CDFB359C73}
    2011-07-24 08:30:59 -------- d-----w- C:\Users\Ben\AppData\Local\{FE83610E-61CB-4090-95C6-7C9A69F1B2E8}
    .
    ==================== Find3M ====================
    .
    2011-08-18 20:29:14 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-20 21:10:50 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2011-07-20 21:10:50 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2011-07-20 21:07:41 266400 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2011-07-12 15:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
    2011-07-12 15:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
    2011-07-12 15:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
    2011-07-12 15:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
    2011-07-12 15:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
    2011-07-12 15:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
    2011-07-12 15:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
    2011-07-12 15:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
    2011-07-09 05:56:08 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
    2011-07-09 05:56:00 768848 ----a-w- C:\Windows\SysWow64\msvcr100.dll
    2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
    2011-06-02 06:45:22 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-06-02 06:45:22 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-06-02 06:45:22 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-06-02 06:44:54 214528 ----a-w- C:\Windows\System32\winsrv.dll
    2011-06-02 06:42:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-06-02 06:35:56 338944 ----a-w- C:\Windows\System32\conhost.exe
    2011-06-02 05:59:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-06-02 05:56:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-06-02 05:54:51 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-06-02 03:51:00 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-06-02 03:50:59 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 17:18:19.96 ===============
     

    Attached Files:

  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,766
    Hiya

    As I've moved it, I may as well reply to it as well :)

    Give me a few mins to read it, and I'll reply :)

    eddie
     
  7. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    Okay, thank you very much for reading it.
     
  8. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,766
    Just looking through, and nice to see you're a gamer, especially Bad Company 2. Are you getting BF3 when it comes out? Most of our clan are :)


    Anyway, back to this thread ;)



    Please download Malwarebytes' Anti-Malware from Here or Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






    Download and scan with SUPERAntiSpyware Free for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.

    Please include the MBAM log and, SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply

    eddie
     
  9. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:55:22 PM, on 8/22/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16800)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
    C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Program Files (x86)\AlienRespawn\Toaster.exe
    C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Windows Explorer] rundll32.exe "C:\Users\Ben\AppData\Roaming\atvshgtm.dll",EntryPoint
    O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: AWMouseCI.lnk = C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Broadcom Power monitoring service (BPowMon) - Broadcom Corp. - C:\Program Files\Broadcom\BPowMon\BPowMon.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: lxeb_device - Unknown owner - C:\Windows\system32\lxebcoms.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10374 bytes





    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7539

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    8/22/2011 6:27:01 PM
    mbam-log-2011-08-22 (18-27-01).txt

    Scan type: Full scan (C:\|D:\|Y:\|)
    Objects scanned: 330356
    Time elapsed: 42 minute(s), 22 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Explorer (Trojan.Agent) -> Value: Windows Explorer -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\Ben\AppData\Local\Temp\ondc.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.



    I would rather not post the SUPERAntiSpyware scan log though, but if you sincerely need it let me know. It removed 326 threats though, all of them being cookies.
    Unfortunately, even though my brother cleared the history cookies have been showing up. Going to have to restrict his computer access apparently.

    Edit: I will be getting BF3 when it comes out, but it might be a while. It just depends on what is going on in my family and such.
     
  10. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,047
    That's what I was seeing in HijackThis.

    O4 - HKCU\..\Run: [Windows Explorer] rundll32.exe "C:\Users\Ben\AppData\Roaming\atvshgtm.dll",EntryPoint

    atvshgtm.dll being in your error message.
     
  11. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    I see, thanks for pointing that out. So I would guess that it is just a coincidence that the error popped up after deleting a few things?
    Also, was any of those really serious infections?

    Edit: I just restarted and the error message did not come up, if there is anything else I need to do let me know. I will wait for a reply before I mark this as Solved.
     
  12. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,047
    Please wait for further instructions from eddie5659. MBAM and SAS may have missed more serious infections.
     
  13. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    Will do. Thank you.
     
  14. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,766
    Its okay about the SAS log :)

    Okay, lets just run this to see if anything else is present:

    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
     
  15. Xdflames

    Xdflames Thread Starter

    Joined:
    Aug 22, 2011
    Messages:
    18
    OTL logfile created on: 8/23/2011 6:10:42 PM - Run 1
    OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Ben\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    5.99 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 67.89% Memory free
    11.98 Gb Paging File | 9.56 Gb Available in Paging File | 79.82% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 923.45 Gb Total Space | 792.56 Gb Free Space | 85.83% Space Free | Partition Type: NTFS

    Computer Name: BEN-PC | User Name: Ben | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/08/23 18:09:47 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ben\Downloads\OTL.exe
    PRC - [2011/08/02 15:59:32 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    PRC - [2011/08/02 15:59:25 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
    PRC - [2011/04/20 21:58:47 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2011/01/13 14:53:38 | 000,321,464 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
    PRC - [2011/01/13 14:42:12 | 003,667,264 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\AlienRespawn\Toaster.exe
    PRC - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    PRC - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\AlienRespawn\SftService.exe
    PRC - [2010/05/04 16:01:08 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
    PRC - [2010/05/04 16:00:34 | 000,061,256 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
    PRC - [2010/05/04 15:53:40 | 000,016,704 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2009/10/13 10:39:04 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/08/22 23:22:09 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll
    MOD - [2011/08/22 23:21:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll
    MOD - [2011/08/22 23:21:57 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\86f429e0a23238cf277d464bd0433d86\System.Data.ni.dll
    MOD - [2011/08/22 23:21:50 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll
    MOD - [2011/08/22 23:21:38 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll
    MOD - [2011/08/22 23:21:32 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll
    MOD - [2011/08/22 23:21:28 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll
    MOD - [2011/08/22 23:21:18 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll
    MOD - [2011/08/22 23:21:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll
    MOD - [2011/08/22 23:21:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll
    MOD - [2011/08/22 23:20:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll
    MOD - [2011/08/02 15:59:32 | 014,401,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
    MOD - [2011/08/02 15:59:31 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
    MOD - [2011/08/02 15:59:31 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
    MOD - [2011/08/02 15:59:31 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
    MOD - [2011/08/02 15:59:31 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
    MOD - [2011/07/31 17:13:49 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll
    MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/01/13 14:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\SftBRCCPiped.dll
    MOD - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
    MOD - [2011/01/13 14:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\zlib1.dll
    MOD - [2011/01/13 14:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STRegistry.dll
    MOD - [2011/01/13 14:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STPE.dll
    MOD - [2011/01/13 14:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STNLS.dll
    MOD - [2011/01/13 14:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STLog.dll
    MOD - [2011/01/13 14:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STFiles.dll
    MOD - [2011/01/13 14:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\STBRCCServCLR.dll
    MOD - [2011/01/13 14:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\AlienRespawn\libxml2.dll
    MOD - [2010/12/23 14:49:41 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.PID0x513\1.0.90.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.PID0x513.dll
    MOD - [2010/12/23 14:49:41 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.90.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll
    MOD - [2010/12/23 14:49:41 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.90.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll
    MOD - [2010/12/23 14:49:40 | 004,790,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.90.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
    MOD - [2010/12/23 14:49:40 | 000,443,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.90.0__bebb3c8816410241\AlienwareAlienFXTools.dll
    MOD - [2010/12/23 14:49:40 | 000,075,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.90.0__bebb3c8816410241\AlienLabsTools.dll
    MOD - [2010/12/23 14:49:40 | 000,037,712 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.90.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
    MOD - [2010/12/23 14:49:40 | 000,037,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
    MOD - [2010/12/23 14:49:40 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
    MOD - [2010/12/23 14:49:40 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
    MOD - [2010/12/23 14:49:40 | 000,028,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
    MOD - [2010/12/23 14:49:40 | 000,027,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
    MOD - [2010/12/23 14:49:40 | 000,027,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LightFX\1.0.90.0__bebb3c8816410241\LightFX.dll
    MOD - [2010/12/23 14:49:40 | 000,024,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.90.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
    MOD - [2010/12/23 14:49:40 | 000,024,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.90.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
    MOD - [2010/12/23 14:49:40 | 000,019,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.90.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
    MOD - [2010/12/23 14:49:40 | 000,017,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.90.0__bebb3c8816410241\AlienFX.Communication.Core.dll
    MOD - [2010/12/23 14:49:40 | 000,011,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.90.0__bebb3c8816410241\AlienFX.Communication.dll
    MOD - [2010/06/01 11:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
    MOD - [2010/05/04 15:53:44 | 000,154,424 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll
    MOD - [2010/05/04 15:53:40 | 000,016,704 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
    MOD - [2009/06/10 17:23:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    MOD - [2009/06/10 17:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    MOD - [2009/06/10 17:14:41 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2011/01/04 22:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/05/04 15:53:56 | 000,014,648 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
    SRV:64bit: - [2010/04/14 19:56:24 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)
    SRV:64bit: - [2009/10/27 16:56:14 | 000,117,608 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Program Files\Broadcom\BPowMon\BPowMon.exe -- (BPowMon)
    SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2011/08/04 14:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2011/08/02 15:59:32 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2011/04/20 21:58:47 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\AlienRespawn\sftservice.EXE -- (SftService)
    SRV - [2010/12/23 15:03:58 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/10/27 01:07:58 | 004,060,752 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2009/10/13 10:39:04 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/01/04 23:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2011/01/04 22:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/12/23 14:40:11 | 000,019,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys -- (AWOPFilterDriver)
    DRV:64bit: - [2010/11/17 08:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/03/22 19:29:12 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/10/16 07:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
    DRV:64bit: - [2009/07/29 22:14:10 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
    DRV:64bit: - [2009/07/29 22:14:10 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
    DRV:64bit: - [2009/07/29 22:14:10 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2009/04/22 19:10:40 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV:64bit: - [2009/04/22 19:10:32 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
    DRV:64bit: - [2007/02/08 09:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dsiarhwprog_x64.sys -- (usbio)
    DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2005/01/03 20:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.alienware.com [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://support.alienware.com [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "www.igoogle.com"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23


    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/18 16:28:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/22 23:08:42 | 000,000,000 | ---D | M]

    [2010/12/28 14:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ben\AppData\Roaming\Mozilla\Extensions
    [2011/08/21 14:12:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\achh3cjg.default\extensions
    [2011/08/02 16:05:07 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\achh3cjg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2011/07/08 11:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/01/04 17:01:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/06/03 20:49:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    [2011/07/08 11:58:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    File not found (No name found) --
    () (No name found) -- C:\USERS\BEN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ACHH3CJG.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    [2011/08/18 16:28:02 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [] File not found
    O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
    O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [Launch Keyboard CI] c:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe (Alienware)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
    O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
    O4:64bit: - HKLM..\Run: [Thermal Controller] C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware Corp.)
    O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - HKCU..\Run: [Overwolf] File not found
    O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe (Softthinks)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.128.19.102 74.128.17.114
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/08/23 15:58:40 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{644B20C8-E43C-438E-B758-90472DFBCC04}
    [2011/08/23 15:58:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{8D546BDD-9A8C-4F09-802B-434B6545FD98}
    [2011/08/22 23:08:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2011/08/22 23:08:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2011/08/22 21:26:36 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2011/08/22 18:35:30 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\SUPERAntiSpyware.com
    [2011/08/22 18:35:18 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2011/08/22 18:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2011/08/22 18:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2011/08/22 17:43:32 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Malwarebytes
    [2011/08/22 17:43:26 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2011/08/22 17:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/08/22 17:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/08/22 17:43:22 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/08/22 17:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/08/22 16:45:55 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2011/08/22 16:45:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2011/08/22 15:53:38 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{F72284A0-A704-4D6C-84B5-DF7C99C83A75}
    [2011/08/22 15:53:27 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{738ADF71-5959-4183-A02E-5C5960FC4C06}
    [2011/08/21 22:39:10 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{15B5DDA6-52A8-4A6A-8D0E-FB4FE76A58D8}
    [2011/08/21 22:38:37 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{7FDAF9F0-0EE6-449E-821E-DA6FD0FB3BD4}
    [2011/08/21 10:38:06 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{634446C5-2CC2-4884-9CCA-0CF275247B7C}
    [2011/08/21 10:37:53 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{6C56C878-2B0A-4ED5-A52E-FA3615CF8038}
    [2011/08/20 12:08:02 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{27687CD2-61E5-4EEB-AC48-78C0C547C836}
    [2011/08/20 12:07:51 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{FA96B01D-52A7-43CA-B1B4-64E2635962D7}
    [2011/08/19 16:42:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{BFE0C3D4-13EC-426E-85D2-8F231EC0A2E0}
    [2011/08/19 16:41:56 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{5B48B9F1-954E-4087-AC2F-440CBE3D4589}
    [2011/08/18 16:25:14 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{1A69BC32-4F5F-431A-BD3D-EB683E8F9D37}
    [2011/08/18 16:25:02 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{317A8AA8-E9D6-497E-BBB8-BE0F0A6D7A04}
    [2011/08/17 16:00:31 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{2B7ACA1D-2368-464E-BA70-DFAF96DD5F95}
    [2011/08/17 16:00:18 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D95B02C9-AC43-4077-BA83-0DE5D817B0CF}
    [2011/08/16 13:16:00 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{F8234D12-6263-4A6E-8AA2-CA9DC3F93059}
    [2011/08/16 13:15:26 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{C9C2AF20-2E7D-4E30-AB71-F2897C9B84FC}
    [2011/08/16 11:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    [2011/08/16 11:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2011/08/16 01:15:01 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{DB0BD9FE-F9EF-4CEA-A209-5BCA2975C7A6}
    [2011/08/16 01:14:27 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{13758CCA-2927-47A8-B067-E3926EC4BB90}
    [2011/08/15 13:14:15 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{B708E39F-3195-4C50-8C97-C0018C892E2F}
    [2011/08/15 13:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{4E5099D5-A51A-44E0-80C3-838DC89BEEF6}
    [2011/08/15 01:13:17 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{7E0E35B1-B5E1-4902-B00C-933A899AA41F}
    [2011/08/15 01:12:45 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{115125E1-78D2-4150-B8A8-B84794DD7C0C}
    [2011/08/14 13:12:19 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{35871A5C-5B23-4507-B131-DEB426B65476}
    [2011/08/14 13:11:52 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{1D842A12-9949-448A-BD54-3DEF3056D1A3}
    [2011/08/13 14:03:09 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D919D427-0217-4639-9425-F11AEB17890F}
    [2011/08/13 14:02:45 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{448DC873-D195-43F5-8F7B-E50B1B17ADB2}
    [2011/08/13 01:17:52 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D49CF5BE-13F5-471C-8262-C392475DD418}
    [2011/08/13 01:17:19 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{14F2E2D0-695E-44A6-9BD3-1EBDEFC5AB09}
    [2011/08/12 13:16:53 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{EDF1A7FA-2504-4302-90D0-A36E4769C668}
    [2011/08/12 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D2C69EEE-5B82-4B10-A000-8878D5DA9474}
    [2011/08/12 01:15:55 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{4005ED97-48C9-4762-81B3-3E07FE69031A}
    [2011/08/12 01:15:22 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{A7A2C386-15BB-4C44-AB1A-6F36F2BCF5EA}
    [2011/08/11 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{CC10CBC9-F30B-4E34-B363-CFC60A7C308B}
    [2011/08/11 13:14:37 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{4BE2F749-3C89-4F05-911B-7D96DE313807}
    [2011/08/11 01:14:12 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{72997A44-F610-48B3-ACBC-C328D56C7BA2}
    [2011/08/11 01:13:38 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{956CD10C-53BC-4B98-AA26-E534C3BF23FE}
    [2011/08/10 13:13:25 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{861DA62C-0101-44CE-BDFC-9DB0BF5B7838}
    [2011/08/10 13:12:52 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{582DDA31-EDD2-4CE0-93A0-46EE2FCE4BB9}
    [2011/08/10 01:12:28 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D073D85A-519F-479E-907B-EE27B78A7F05}
    [2011/08/10 01:11:55 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{14EBEEBD-6A85-41AC-9DC9-593172549E00}
    [2011/08/09 13:11:42 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{2A487D99-3F08-4CF2-AB5A-6F2041D4EFB4}
    [2011/08/09 13:11:09 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{8F7AE3A0-E4E1-4715-9539-F0AEF0214890}
    [2011/08/09 01:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{BDC2B8D9-7B53-408A-AA59-D2029719EB4C}
    [2011/08/09 01:10:11 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{2D959B95-CBF6-468E-BA82-2CAA3650ACBA}
    [2011/08/08 13:09:55 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{DAC22408-CF29-47D2-A93B-894D77080B47}
    [2011/08/08 13:09:33 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{48C1AAD5-233A-4228-9612-3A7F078D2992}
    [2011/08/07 16:58:27 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{E9A8CD52-8228-4E59-9F2B-DFB06FC5F833}
    [2011/08/07 16:58:03 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{F08C52E8-687D-4D8B-956F-7D14EE747326}
    [2011/08/06 20:40:12 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{B9779C1E-B044-4E17-8AAB-5785BE228D19}
    [2011/08/06 03:35:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\Desktop\TShock 3.2.1.0805
    [2011/08/05 19:43:16 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{DA0F01B5-FB4D-4A4C-9573-F86CAF65BB3B}
    [2011/08/05 19:43:03 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{C25695D4-080E-430A-975D-F42F8215668D}
    [2011/08/05 15:38:00 | 000,000,000 | ---D | C] -- C:\Users\Ben\Desktop\Legends-Of-Yore
    [2011/08/05 13:12:26 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{24537CA9-0A94-4C41-8678-403ACB90586E}
    [2011/08/05 03:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2011/08/05 03:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/08/05 03:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/08/05 03:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2011/08/05 03:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
    [2011/08/04 23:42:14 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{05D32B02-1430-426E-B750-31C3DE4DC4D6}
    [2011/08/04 23:41:41 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{9CB8FFA6-E81C-4F78-8A1C-05BF8BECB4CE}
    [2011/08/04 11:41:26 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{80779EC2-49FA-48F2-BFCE-6C022C020F15}
    [2011/08/03 15:18:15 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{33A3D0A9-16A6-4BAF-BDC6-3A4FA21D674F}
    [2011/08/02 15:59:40 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{A8E18409-BF4E-4E6E-A9F6-1D747AACD282}
    [2011/08/01 16:58:29 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{4782AA2E-83CB-4A6D-B9F6-D2152CFA3A59}
    [2011/08/01 03:45:05 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{71730BE9-14F9-4D49-831C-1433A4AA54FC}
    [2011/07/31 17:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
    [2011/07/31 17:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
    [2011/07/31 15:44:17 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{CD982A03-AE27-450C-8561-F4DFE56303EB}
    [2011/07/31 06:52:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\VeniceAlphaTrial
    [2011/07/31 06:52:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\BF3
    [2011/07/31 06:51:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BF3 Alpha Trial Web Plugins
    [2011/07/31 06:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
    [2011/07/31 06:27:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
    [2011/07/31 05:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
    [2011/07/31 04:17:47 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany) -- C:\Windows\SysNative\drivers\dsiarhwprog_x64.sys
    [2011/07/31 00:43:07 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\Oblivion
    [2011/07/30 20:03:47 | 000,000,000 | ---D | C] -- C:\Users\Ben\Documents\Datel
    [2011/07/30 20:02:21 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{1E8273FA-8AAD-4685-B58D-AA1236681124}
    [2011/07/30 14:11:37 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{D4C1C9F6-0046-41CB-B107-624FA0EA8C7C}
    [2011/07/30 02:10:50 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{7D3564E4-4EAC-4E11-B0A3-7599DE1D86B9}
    [2011/07/29 22:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2011/07/29 14:10:00 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{9FDFF96D-966F-40B3-825C-FCC9AD7107DA}
    [2011/07/28 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\TerrariaWorldViewer
    [2011/07/28 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{2E3E2040-FA69-45A4-BAE3-7070238204DB}
    [2011/07/27 14:58:19 | 000,000,000 | ---D | C] -- C:\Down
    [2011/07/27 14:57:58 | 000,000,000 | ---D | C] -- C:\Windyzone
    [2011/07/27 14:57:38 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{C450B427-6303-4DBB-8B98-33F42F4FD222}
    [2011/07/26 22:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perfectworld Entertainment
    [2011/07/26 15:06:14 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{568710B3-F100-4900-A0B1-9FD4DAA723AB}
    [2011/07/26 06:17:25 | 000,000,000 | ---D | C] -- C:\Users\Ben\Documents\Paint.NET User Files
    [2011/07/26 05:54:24 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2011/07/26 05:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2011/07/26 05:54:23 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Notepad++
    [2011/07/26 05:54:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
    [2011/07/26 05:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
    [2011/07/26 05:49:35 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\Paint.NET
    [2011/07/26 05:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
    [2011/07/26 01:14:48 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Roaming\Windows Live Writer
    [2011/07/26 01:14:48 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\Windows Live Writer
    [2011/07/26 01:13:42 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{81041410-FD1F-4CE7-957F-A67D30C75787}
    [2011/07/26 01:11:12 | 000,000,000 | ---D | C] -- C:\Windows\en
    [2011/07/26 01:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2011/07/25 18:09:02 | 000,000,000 | ---D | C] -- C:\Users\Ben\AppData\Local\{89A5987F-AD7E-42A8-8FA5-9FE013799831}
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/08/23 16:04:15 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/08/23 16:04:15 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/08/23 15:56:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/08/23 15:56:18 | 529,731,583 | -HS- | M] () -- C:\hiberfil.sys
    [2011/08/22 23:10:10 | 000,789,710 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/08/22 23:10:10 | 000,671,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/08/22 23:10:10 | 000,126,262 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/08/22 23:10:07 | 000,789,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/08/22 23:08:43 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2011/08/22 18:35:18 | 000,001,810 | ---- | M] () -- C:\Users\Ben\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2011/08/22 17:43:26 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/22 16:45:55 | 000,002,965 | ---- | M] () -- C:\Users\Ben\Desktop\HiJackThis.lnk
    [2011/08/18 16:28:12 | 000,002,054 | ---- | M] () -- C:\Users\Ben\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/08/12 03:44:01 | 000,000,129 | ---- | M] () -- C:\Users\Ben\jagex_runescape_preferences2.dat
    [2011/08/12 03:17:21 | 000,000,035 | ---- | M] () -- C:\Users\Ben\jagex_runescape_preferences.dat
    [2011/08/05 03:27:56 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/07/31 17:07:55 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/07/31 17:04:43 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2011/07/30 20:16:42 | 000,461,824 | ---- | M] () -- C:\Users\Ben\Desktop\Pokesav Black and White - PSN [English Beta].exe
    [2011/07/29 22:41:55 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2011/07/26 05:54:24 | 000,001,055 | ---- | M] () -- C:\Users\Ben\Desktop\Notepad++.lnk
    [2011/07/26 05:50:07 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/08/22 23:08:43 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2011/08/22 23:08:42 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
    [2011/08/22 18:35:18 | 000,001,810 | ---- | C] () -- C:\Users\Ben\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2011/08/22 17:43:26 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/22 16:45:55 | 000,002,965 | ---- | C] () -- C:\Users\Ben\Desktop\HiJackThis.lnk
    [2011/08/05 03:27:56 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/07/29 22:41:55 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
    [2011/07/28 16:48:44 | 000,000,129 | ---- | C] () -- C:\Users\Ben\jagex_runescape_preferences2.dat
    [2011/07/28 16:48:16 | 000,000,035 | ---- | C] () -- C:\Users\Ben\jagex_runescape_preferences.dat
    [2011/07/26 05:54:24 | 000,001,055 | ---- | C] () -- C:\Users\Ben\Desktop\Notepad++.lnk
    [2011/07/26 05:50:07 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
    [2011/07/26 05:50:07 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
    [2011/07/26 01:10:08 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
    [2011/04/20 21:58:47 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2011/04/20 21:58:47 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2011/04/20 21:58:46 | 000,837,192 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
    [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
    [2011/03/26 00:30:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/01/12 18:59:40 | 000,000,091 | ---- | C] () -- C:\Users\Ben\AppData\Local\fusioncache.dat
    [2011/01/12 17:55:19 | 000,789,710 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/12/29 20:00:13 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    [2010/12/23 15:05:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010/12/23 15:04:25 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
    [2010/12/23 15:04:25 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
    [2010/12/23 15:04:25 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
    [2010/12/23 15:04:25 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
    [2010/12/23 15:04:25 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
    [2010/12/15 15:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010/05/04 16:06:48 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
    [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/07/08 21:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
    [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2009/02/20 08:48:44 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\lxebsmr.dll
    [2009/02/20 08:48:04 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\lxebsm.dll

    ========== LOP Check ==========

    [2011/08/20 16:53:00 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\.minecraft
    [2011/07/26 05:57:42 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Notepad++
    [2011/05/02 20:54:33 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\runic games
    [2011/07/21 19:01:01 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\SystemRequirementsLab
    [2011/07/28 21:33:39 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\TerrariaWorldViewer
    [2011/07/26 01:14:48 | 000,000,000 | ---D | M] -- C:\Users\Ben\AppData\Roaming\Windows Live Writer
    [2011/07/26 19:45:42 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >

    OTL Extras logfile created on: 8/23/2011 6:10:42 PM - Run 1
    OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Ben\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    5.99 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 67.89% Memory free
    11.98 Gb Paging File | 9.56 Gb Available in Paging File | 79.82% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 923.45 Gb Total Space | 792.56 Gb Free Space | 85.83% Space Free | Partition Type: NTFS

    Computer Name: BEN-PC | User Name: Ben | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
    "{13A3A271-B2AA-486C-9AD5-F272079BB9B5}" = Alienware TactX Keyboard CI 1.00.130
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
    "{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
    "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{688758A2-8520-4470-8FA6-765BAC86FC53}" = Broadcom Management Programs
    "{73BA9A8F-6B40-BF79-541E-464156FBA764}" = ccc-utility64
    "{7A4D8A1A-7E49-A74A-038C-3A372948C9FA}" = ATI AVIVO64 Codecs
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
    "{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
    "{B0D59FDC-FEAB-49A2-9B5A-E5E0A8F9D7E0}" = Alienware TactX(TM) Mouse CI 1.00
    "{B361F88B-D513-9D45-E7F2-871B61C46D32}" = WMV9/VC-1 Video Playback
    "{B613A9BB-2B34-4824-A4BE-2427653D59D6}" = iTunes
    "{C5970161-E13E-6661-BBDA-A08268313C83}" = ATI Catalyst Install Manager
    "{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{EE269999-1AB7-7B39-7944-513CF3426CB8}" = AMD Drag and Drop Transcoding
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Security Client" = Microsoft Security Essentials

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
    "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
    "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
    "{31a3fa52-836b-48df-9c60-4a5021a454db}" = Nero 9 Essentials
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{417E8AF0-DAED-4807-82CD-0E4232EFA559}" = RustyHearts PWE
    "{41AA8F20-FD30-4878-9080-6D5BE575FD41}" = Dell InHome Service Agreement
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
    "{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
    "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
    "{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
    "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
    "{6331C6C0-3754-E910-7113-5013355C8E47}" = CCC Help English
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
    "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
    "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
    "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
    "{95C3927C-C899-C5D8-0EA7-67895FC979B2}" = ccc-core-static
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
    "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
    "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
    "{BA688606-4B20-4982-995E-EDADC6A6817E}" = League of Legends
    "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
    "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
    "{CC084EC0-5F74-4A17-8635-3ED61D501643}_is1" = Flyff
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype¬ô 5.3
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
    "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
    "{ED4B50B7-C06B-57FE-7985-AA83DDBEEEF5}" = Catalyst Control Center Graphics Previews Common
    "{F01A9563-2A27-6ABC-2E04-03B7873DF7E0}" = Catalyst Control Center InstallProxy
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
    "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
    "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
    "{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "BandiMPEG1" = Bandisoft MPEG-1 Decoder
    "Fraps" = Fraps (remove only)
    "InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Mozilla Firefox 6.0 (x86 en-US)" = Mozilla Firefox 6.0 (x86 en-US)
    "Notepad++" = Notepad++
    "PunkBusterSvc" = PunkBuster Services
    "Runic Games Torchlight" = Torchlight
    "StarCraft II" = StarCraft II
    "Steam App 105600" = Terraria
    "Steam App 1250" = Killing Floor
    "Steam App 22330" = The Elder Scrolls IV: Oblivion
    "Steam App 24960" = Battlefield: Bad Company 2
    "Steam App 440" = Team Fortress 2
    "Steam App 57300" = Amnesia: The Dark Descent
    "Steam App 8190" = Just Cause 2
    "Steam App 8980" = Borderlands
    "Steam App 98200" = Frozen Synapse
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/16/2011 11:26:04 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:38 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:38 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:42 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:43 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:48 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:49 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:50 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:50 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/16/2011 11:26:50 AM | Computer Name = Ben-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\system32\conhost.exe".
    Dependent
    Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    [ Dell Events ]
    Error - 6/26/2011 1:56:37 AM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/1/2011 1:28:25 AM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/1/2011 1:28:25 AM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/2/2011 7:45:31 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/2/2011 7:45:31 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/7/2011 4:58:11 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/7/2011 4:58:11 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/22/2011 4:55:01 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/22/2011 4:55:01 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 8/22/2011 6:30:18 PM | Computer Name = Ben-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    [ System Events ]
    Error - 8/16/2011 11:27:17 AM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7000
    Description = The LogMeIn Hamachi Tunneling Engine service failed to start due to
    the following error: %%1053

    Error - 8/16/2011 1:48:10 PM | Computer Name = Ben-PC | Source = bowser | ID = 8003
    Description =

    Error - 8/16/2011 3:09:00 PM | Computer Name = Ben-PC | Source = bowser | ID = 8003
    Description =

    Error - 8/18/2011 4:24:31 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Alienware
    Fusion Service service to connect.

    Error - 8/18/2011 4:24:31 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7000
    Description = The Alienware Fusion Service service failed to start due to the following
    error: %%1053

    Error - 8/19/2011 4:41:29 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Alienware
    Fusion Service service to connect.

    Error - 8/19/2011 4:41:29 PM | Computer Name = Ben-PC | Source = Service Control Manager | ID = 7000
    Description = The Alienware Fusion Service service failed to start due to the following
    error: %%1053

    Error - 8/22/2011 11:08:27 PM | Computer Name = Ben-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x80070643: Security Update for Microsoft .NET Framework 4 on Windows
    XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows
    Server 2008 R2 for x64-based Systems (KB2539636).

    Error - 8/22/2011 11:19:53 PM | Computer Name = Ben-PC | Source = Microsoft Antimalware | ID = 3002
    Description = %%860 Real-Time Protection feature has encountered an error and failed.

    Feature:
    %%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

    Error - 8/23/2011 3:57:15 PM | Computer Name = Ben-PC | Source = Microsoft Antimalware | ID = 3002
    Description = %%860 Real-Time Protection feature has encountered an error and failed.

    Feature:
    %%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842


    < End of report >
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1013849