not sure if i posted this in correct place

View previous topic View next topic Go down

not sure if i posted this in correct place

Post by ganjiry on Thu 02 Sep 2010, 10:57 pm

hi all @ GeekPolice. sorry if i have posted this in wrong place. im in need of ur hlp again plz. 4 the last few days ive been getting these probs. my processor is going crazy(using more than usual) everytime i log on or off i get messege please wait for user profile services/ and please wait for group management. unexpected shut downs where i get a quick blue screen then comp restarts. side bar gadgets/ windows desktop failing. ive tried evrything i can think of 2 fix it but no success. ie. malwarebytes advanced systemcare. stopzilla. any help will b greatly appreciated plz. here are the otl logs..................................................................OTL logfile created on: 02/09/2010 12:15:08 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\ryan\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.27 Gb Total Space | 33.34 Gb Free Space | 11.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6.96 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 5.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 6.96 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
I: Drive not present or media not loaded

Computer Name: RYAN-PC
Current User Name: ryan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/02 12:12:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.com
PRC - [2010/08/27 21:28:02 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/05/31 12:18:16 | 000,323,976 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/04/01 10:16:12 | 000,275,776 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2010/03/20 13:46:00 | 000,177,600 | R--- | M] (iS3, Inc.) -- c:\Program Files (x86)\STOPzilla!\STOPzilla.exe
PRC - [2010/03/20 13:45:58 | 000,120,256 | R--- | M] (iS3, Inc.) -- c:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZTargetUpdate.Exe
PRC - [2010/03/18 16:59:36 | 000,057,344 | R--- | M] (iS3, Inc.) -- c:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2009/08/21 01:26:02 | 000,262,912 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009/08/21 01:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
PRC - [2008/12/08 16:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2007/04/30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe


========== Modules (SafeList) ==========

MOD - [2010/09/02 12:12:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.com
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/08/05 22:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/08/27 21:28:02 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/26 12:31:27 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 16:59:36 | 000,057,344 | R--- | M] (iS3, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 01:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2010/02/10 18:07:00 | 003,458,548 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009/11/05 03:17:40 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/21 01:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2008/12/08 16:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2007/12/17 23:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/11 23:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMFW.SYS -- (SYMFW)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ctredr15.sys -- (ctredr15.sys)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\381.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/05/06 05:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/29 06:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/26 22:15:00 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/22 04:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/22 03:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/22 03:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/03/17 19:26:51 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/02/26 01:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/01/28 15:25:02 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/12/22 17:05:40 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/10/15 04:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2009/09/17 21:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/15 21:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/09/11 13:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2009/09/11 13:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2009/09/11 13:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/09/11 13:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2009/08/11 21:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/20 12:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/05 01:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/05/25 04:57:42 | 000,243,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/05/06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/03/02 15:00:46 | 000,118,888 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV:64bit: - [2009/02/03 16:46:14 | 000,077,952 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV:64bit: - [2009/02/03 16:40:13 | 000,077,432 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV:64bit: - [2008/07/04 15:33:32 | 000,115,072 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/04/03 13:59:28 | 000,130,312 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV:64bit: - [2007/04/03 13:59:26 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616obex.sys -- (s616obex)
DRV:64bit: - [2007/04/03 13:59:24 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/03 13:59:22 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mdm.sys -- (s616mdm)
DRV:64bit: - [2007/04/03 13:59:22 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616mdfl.sys -- (s616mdfl)
DRV:64bit: - [2007/04/03 13:59:20 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV:64bit: - [2006/06/14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2010/08/26 13:50:05 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100901.039\EX64.SYS -- (NAVEX15)
DRV - [2010/08/26 13:50:05 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/08/26 13:50:05 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100901.039\ENG64.SYS -- (NAVENG)
DRV - [2010/08/10 02:11:04 | 000,945,200 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/05/28 20:33:18 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100830.002\IDSviA64.sys -- (IDSVia64)
DRV - [2010/05/27 08:39:52 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/01/15 17:22:22 | 000,074,768 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\Windows\SySWOW64\DRIVERS\szkg64.sys -- (szkg5)
DRV - [2010/01/15 17:22:22 | 000,074,768 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SySWOW64\drivers\is3srv64.sys -- (is3srv)
DRV - [2005/01/03 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {D3F669EB-57CE-4f45-8FBD-E245CBB46366} - C:\Program Files (x86)\STOPzilla!\Toolbar\SZIESearchHook.dll (iS3 Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{780044d1-e8c0-488f-8059-4522ddbfc2ea}: C:\Program Files (x86)\Stopzilla!\Toolbar\Extension [2009/12/22 17:21:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/05/26 08:32:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/03/17 22:10:43 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/12/22 17:22:06 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (ZILLAbar Browser Helper Object) - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files (x86)\STOPzilla!\Toolbar\SZSG.dll (iS3, Inc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - c:\Program Files (x86)\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (STOPzilla) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files (x86)\STOPzilla!\Toolbar\SZSG.dll (iS3, Inc)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_21)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} [You must be registered and logged in to see this link.] (System Requirements Lab Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [You must be registered and logged in to see this link.] (Checkers Class)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} [You must be registered and logged in to see this link.] (SonyOnlineInstallerX)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} [You must be registered and logged in to see this link.] (MUCatalogWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: CabBuilder [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/29 03:01:24 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/07/07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2010/08/24 15:48:06 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/07/16 01:53:55 | 000,000,142 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{13865012-a461-11df-bd9f-00262d62b60b}\Shell - "" = AutoRun
O33 - MountPoints2\{13865012-a461-11df-bd9f-00262d62b60b}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2010/08/24 15:48:06 | 000,604,075 | R--- | M] (2K Games )
O33 - MountPoints2\{32f7e015-ef4c-11de-9a5c-0026c6258be0}\Shell - "" = AutoRun
O33 - MountPoints2\{32f7e015-ef4c-11de-9a5c-0026c6258be0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{32f7e018-ef4c-11de-9a5c-0026c6258be0}\Shell - "" = AutoRun
O33 - MountPoints2\{32f7e018-ef4c-11de-9a5c-0026c6258be0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{94a4563a-a783-11df-9661-00262d62b60b}\Shell - "" = AutoRun
O33 - MountPoints2\{94a4563a-a783-11df-9661-00262d62b60b}\Shell\AutoRun\command - "" = H:\Setup\rsrc\AUTORUN.EXE -- [2007/08/16 02:55:00 | 000,051,048 | R--- | M] (Activision)
O33 - MountPoints2\{94a4563a-a783-11df-9661-00262d62b60b}\Shell\dinstall\command - "" = H:\DirectX\DXSETUP.exe -- [2008/05/30 23:34:50 | 000,528,392 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{b608481f-a216-11df-8887-00262d62b60b}\Shell - "" = AutoRun
O33 - MountPoints2\{b608481f-a216-11df-8887-00262d62b60b}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009/07/07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.)
O33 - MountPoints2\{c08d6f3b-8cd7-11df-ace2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c08d6f3b-8cd7-11df-ace2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009/07/07 11:14:20 | 000,193,816 | R--- | M] (CAPCOM CO., LTD.)
O33 - MountPoints2\{d1c738af-ef2b-11de-afc9-0026c6258be0}\Shell - "" = AutoRun
O33 - MountPoints2\{d1c738af-ef2b-11de-afc9-0026c6258be0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{d1c738de-ef2b-11de-afc9-0026c6258be0}\Shell - "" = AutoRun
O33 - MountPoints2\{d1c738de-ef2b-11de-afc9-0026c6258be0}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found


MsConfig:64bit - StartUpReg: Start WingMan Profiler - hkey= - key= - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: uTorrent - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by ganjiry on Thu 02 Sep 2010, 11:00 pm

second part of first log...................afeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys (Symantec Corporation)
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: hitmanpro35 - Reg Error: Value error.
SafeBootNet:64bit: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet:64bit: HitmanPro35Crusader - Reg Error: Value error.
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: SymEFA.sys - C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys (Symantec Corporation)
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: hitmanpro35 - Reg Error: Value error.
SafeBootNet: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet: HitmanPro35Crusader - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/09/02 12:12:44 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.com
[2010/09/02 11:41:00 | 000,183,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010/09/02 11:41:00 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010/09/02 11:41:00 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010/09/02 11:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/09/02 11:10:18 | 016,127,776 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\ryan\Desktop\jre-6u21-windows-x64.exe
[2010/09/01 19:49:06 | 000,000,000 | ---D | C] -- C:\Users\ryan\Documents\CAPCOM
[2010/09/01 19:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2010/09/01 10:37:24 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\Tunngle
[2010/09/01 10:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2010/09/01 10:37:15 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2010/09/01 10:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2010/08/31 20:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/08/31 19:49:05 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Local\2K Games
[2010/08/31 19:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010/08/31 18:17:24 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\TweakNow RegCleaner
[2010/08/31 18:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweakNow RegCleaner
[2010/08/30 21:13:42 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\SEGA Corporation
[2010/08/30 21:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SEGA Corporation
[2010/08/29 21:49:30 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Local\Activision
[2010/08/25 17:53:03 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\Easeware
[2010/08/25 00:01:49 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/08/23 02:15:21 | 000,000,000 | ---D | C] -- C:\Users\ryan\Documents\Codemasters
[2010/08/23 01:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\THQ
[2010/08/20 09:08:46 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\Soluto
[2010/08/19 23:38:18 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\Ubisoft
[2010/08/18 23:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2010/08/18 22:42:24 | 000,839,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_vml_p4.dll
[2010/08/18 22:42:24 | 000,532,480 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_vml_p3.dll
[2010/08/18 22:42:24 | 000,512,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_vml_def.dll
[2010/08/18 22:42:23 | 003,485,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_p4.dll
[2010/08/18 22:42:23 | 002,793,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_p3.dll
[2010/08/18 22:42:22 | 002,441,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_def.dll
[2010/08/18 22:42:22 | 002,174,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_lapack32.dll
[2010/08/18 22:42:22 | 002,125,824 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\mkl_lapack64.dll
[2010/08/18 22:42:22 | 000,872,448 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2010/08/18 22:42:22 | 000,184,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libguide40.dll
[2010/08/18 22:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2010/08/18 22:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2010/08/18 17:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2010/08/18 16:53:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/08/16 17:43:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive
[2010/08/14 19:31:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NovaLogic
[2010/08/10 20:17:36 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/10 20:17:35 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/10 20:17:35 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/10 20:17:30 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/10 20:17:30 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/10 20:17:30 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/10 20:17:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/10 20:17:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/10 20:17:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/10 20:17:22 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/10 20:17:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/10 20:17:20 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/10 16:16:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/08/08 00:49:14 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Local\storage
[2010/08/07 23:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010/08/07 23:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/07 23:58:43 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\DAEMON Tools Lite
[2010/08/07 23:58:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/08/07 23:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2010/08/07 16:57:00 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\IGN_DLM
[2009/08/22 07:08:27 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/02 12:15:37 | 000,011,928 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/09/02 12:15:12 | 004,456,448 | -HS- | M] () -- C:\Users\ryan\ntuser.dat
[2010/09/02 12:12:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.com
[2010/09/02 11:53:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960824132-2242764314-4250865621-1001UA.job
[2010/09/02 11:40:46 | 000,468,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010/09/02 11:40:46 | 000,183,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010/09/02 11:40:46 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010/09/02 11:40:46 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010/09/02 11:24:47 | 000,000,208 | ---- | M] () -- C:\Users\ryan\Desktop\RESIDENT EVIL 5.lnk
[2010/09/02 11:11:08 | 016,127,776 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\ryan\Desktop\jre-6u21-windows-x64.exe
[2010/09/02 07:44:47 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/02 07:44:47 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/02 07:37:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/02 07:36:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/02 07:36:49 | 3217,235,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/02 00:12:13 | 003,162,104 | -H-- | M] () -- C:\Users\ryan\AppData\Local\IconCache.db
[2010/09/01 19:53:01 | 000,000,850 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-960824132-2242764314-4250865621-1001Core.job
[2010/09/01 18:03:03 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/09/01 17:26:13 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2010/09/01 16:24:01 | 000,081,552 | ---- | M] () -- C:\Users\ryan\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/01 16:17:39 | 000,350,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/09/01 16:11:19 | 000,007,597 | ---- | M] () -- C:\Users\ryan\AppData\Local\Resmon.ResmonCfg
[2010/09/01 08:53:03 | 000,019,528 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2010/09/01 00:07:35 | 000,001,239 | ---- | M] () -- C:\Users\ryan\Desktop\Mafia II.lnk
[2010/08/31 18:17:27 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk
[2010/08/31 12:05:09 | 000,000,430 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2010/08/31 11:57:52 | 000,001,507 | ---- | M] () -- C:\Users\ryan\Desktop\HitmanPro35_x64 - Shortcut.lnk
[2010/08/30 15:36:11 | 000,000,232 | ---- | M] () -- C:\Users\ryan\Desktop\Call of Duty® World at War.lnk
[2010/08/29 20:50:26 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/08/28 16:23:18 | 000,001,257 | ---- | M] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/28 13:23:36 | 000,000,632 | RHS- | M] () -- C:\Users\ryan\ntuser.pol
[2010/08/27 21:28:02 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/08/26 23:27:59 | 000,524,288 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TMContainer00000000000000000002.regtrans-ms
[2010/08/26 23:27:59 | 000,524,288 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TMContainer00000000000000000001.regtrans-ms
[2010/08/26 23:27:59 | 000,065,536 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TM.blf
[2010/08/25 14:38:46 | 000,001,273 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010 Advanced.lnk
[2010/08/23 11:14:00 | 000,001,108 | ---- | M] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/08/23 11:14:00 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010/08/23 11:14:00 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010/08/23 10:51:33 | 000,000,198 | ---- | M] () -- C:\Users\ryan\Desktop\DiRT2.lnk
[2010/08/23 10:51:11 | 000,000,196 | ---- | M] () -- C:\Users\ryan\Desktop\GRID.lnk
[2010/08/23 09:00:46 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/21 20:59:23 | 000,000,736 | ---- | M] () -- C:\Windows\SysWow64\drivers\kgpcpy.cfg
[2010/08/20 11:07:27 | 000,000,193 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/08/19 23:54:40 | 000,001,278 | ---- | M] () -- C:\Users\ryan\Desktop\AssassinsCreedIIGame - Shortcut.lnk
[2010/08/19 13:02:46 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/08/19 13:02:46 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/08/19 13:02:46 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/08/19 13:02:46 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/08/18 19:07:10 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/08/16 17:56:55 | 000,002,240 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2010/08/15 21:07:52 | 000,001,219 | ---- | M] () -- C:\Users\ryan\Desktop\Play Call of Duty Modern Warfare 2 Singleplayer.lnk
[2010/08/14 23:11:50 | 000,524,288 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TMContainer00000000000000000002.regtrans-ms
[2010/08/14 23:11:50 | 000,524,288 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TMContainer00000000000000000001.regtrans-ms
[2010/08/14 23:11:50 | 000,065,536 | -HS- | M] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TM.blf
[2010/08/14 15:05:51 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/14 15:05:51 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/14 15:05:51 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/12 19:23:29 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/08/08 00:48:01 | 000,000,556 | ---- | M] () -- C:\Users\ryan\Desktop\SKIDROW - Shortcut.lnk
[2010/08/07 23:59:11 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/08/07 23:33:01 | 000,000,124 | ---- | M] () -- C:\Users\ryan\Documents\ax_files.xml
[2010/08/04 00:06:49 | 000,002,700 | ---- | M] () -- C:\Users\ryan\Documents\cc_20100804_000610.reg
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/02 11:24:47 | 000,000,208 | ---- | C] () -- C:\Users\ryan\Desktop\RESIDENT EVIL 5.lnk
[2010/09/02 07:37:51 | 000,011,928 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/09/01 00:07:35 | 000,001,239 | ---- | C] () -- C:\Users\ryan\Desktop\Mafia II.lnk
[2010/08/31 18:17:27 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\TweakNow RegCleaner.lnk
[2010/08/31 12:05:09 | 000,000,430 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2010/08/31 11:57:52 | 000,001,507 | ---- | C] () -- C:\Users\ryan\Desktop\HitmanPro35_x64 - Shortcut.lnk
[2010/08/30 15:36:11 | 000,000,232 | ---- | C] () -- C:\Users\ryan\Desktop\Call of Duty® World at War.lnk
[2010/08/28 16:23:18 | 000,001,257 | ---- | C] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/26 11:07:06 | 000,524,288 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TMContainer00000000000000000002.regtrans-ms
[2010/08/26 11:07:06 | 000,524,288 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TMContainer00000000000000000001.regtrans-ms
[2010/08/26 11:07:06 | 000,065,536 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{cf93b617-b0f5-11df-af27-00262d62b60b}.TM.blf
[2010/08/25 14:38:46 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010 Advanced.lnk
[2010/08/23 11:14:00 | 000,001,108 | ---- | C] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010/08/23 11:14:00 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010/08/23 11:14:00 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010/08/23 10:51:33 | 000,000,198 | ---- | C] () -- C:\Users\ryan\Desktop\DiRT2.lnk
[2010/08/23 10:51:11 | 000,000,196 | ---- | C] () -- C:\Users\ryan\Desktop\GRID.lnk
[2010/08/21 20:59:22 | 000,000,736 | ---- | C] () -- C:\Windows\SysWow64\drivers\kgpcpy.cfg
[2010/08/20 01:12:48 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\AWC Update.job
[2010/08/19 23:54:40 | 000,001,278 | ---- | C] () -- C:\Users\ryan\Desktop\AssassinsCreedIIGame - Shortcut.lnk
[2010/08/18 17:20:51 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/08/16 17:56:55 | 000,002,240 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2010/08/15 21:07:52 | 000,001,219 | ---- | C] () -- C:\Users\ryan\Desktop\Play Call of Duty Modern Warfare 2 Singleplayer.lnk
[2010/08/14 22:52:45 | 000,524,288 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TMContainer00000000000000000002.regtrans-ms
[2010/08/14 22:52:45 | 000,524,288 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TMContainer00000000000000000001.regtrans-ms
[2010/08/14 22:52:45 | 000,065,536 | -HS- | C] () -- C:\Users\ryan\ntuser.dat{2d63d415-a7ee-11df-9fad-caf567472e33}.TM.blf
[2010/08/08 00:48:01 | 000,000,556 | ---- | C] () -- C:\Users\ryan\Desktop\SKIDROW - Shortcut.lnk
[2010/08/07 23:59:11 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/08/07 23:30:03 | 000,000,124 | ---- | C] () -- C:\Users\ryan\Documents\ax_files.xml
[2010/08/04 00:06:16 | 000,002,700 | ---- | C] () -- C:\Users\ryan\Documents\cc_20100804_000610.reg
[2010/07/14 12:51:51 | 000,000,096 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2010/06/12 20:45:01 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010/05/08 18:24:13 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/03/28 18:54:11 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010/03/27 16:59:55 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/02/16 00:03:51 | 000,000,682 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/07 14:17:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 22:55:55 | 000,007,597 | ---- | C] () -- C:\Users\ryan\AppData\Local\Resmon.ResmonCfg
[2010/02/01 21:30:12 | 000,000,000 | ---- | C] () -- C:\Users\ryan\AppData\Roaming\wklnhst.dat
[2010/01/08 20:07:41 | 000,000,982 | ---- | C] () -- C:\Windows\SOFPLAT.ini
[2009/12/24 21:18:40 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009/12/24 21:18:40 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009/12/23 23:03:35 | 000,004,608 | ---- | C] () -- C:\Users\ryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/05 10:45:39 | 000,001,590 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009/11/05 03:23:44 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009/08/22 07:07:42 | 000,776,614 | ---- | C] () -- C:\Program Files (x86)\Common Files\packardbell.ico
[2009/08/16 07:27:29 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009/08/16 07:27:29 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009/08/16 07:27:26 | 000,000,189 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/08/16 07:27:26 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009/08/16 07:27:26 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >
[2004/04/23 15:26:44 | 000,033,216 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysWOW64\LFLoad.sys
[2005/01/03 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npptNT2.sys
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %SYSTEMDRIVE%\*.* >
[2009/07/14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/07/27 21:40:53 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/09/02 07:36:49 | 3217,235,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/02 07:36:50 | 4289,650,688 | -HS- | M] () -- C:\pagefile.sys
[2009/10/28 17:59:36 | 000,004,140 | RHS- | M] () -- C:\Patch.rev
[2009/12/22 16:56:25 | 000,000,224 | RHS- | M] () -- C:\Preload.rev
[2010/01/30 20:44:47 | 000,000,158 | ---- | M] () -- C:\X-Plane Installer.prf

< %PROGRAMFILES%\*. >
[2010/08/31 19:36:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\2K Games
[2010/03/27 17:02:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2010/08/29 20:36:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
[2010/06/01 18:32:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/06/08 14:35:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ahead
[2010/08/07 23:33:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alcohol Soft
[2010/07/13 10:14:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\America's Army
[2010/09/02 11:29:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ashampoo
[2010/06/02 20:14:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BillP Studios
[2010/08/26 11:05:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2010/08/18 22:42:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BRS
[2010/09/01 19:11:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CAPCOM
[2010/08/26 11:05:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2010/08/16 17:43:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\City Interactive
[2010/08/23 01:43:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Codemasters
[2010/09/02 11:59:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/05/18 11:39:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2010/08/26 11:05:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/07 23:59:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010/04/12 13:16:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\dumps
[2010/08/24 20:32:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eidos
[2010/08/17 06:18:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\epson
[2010/08/26 11:05:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GameSpy Arcade
[2010/09/02 11:41:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2010/07/24 15:55:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ijji
[2010/08/30 20:43:24 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/08/16 06:45:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2010/08/11 02:01:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2010/08/23 11:13:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
[2010/04/17 09:32:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/05/11 17:43:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kontiki
[2010/02/27 00:49:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager
[2009/12/23 23:17:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2010/05/25 20:58:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010/02/06 02:50:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2009/08/22 07:00:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2010/02/28 01:02:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2010/09/02 12:07:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/11/05 03:20:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/12/22 18:44:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010/08/26 11:05:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/06/25 10:01:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/02/05 20:31:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Games
[2009/12/23 01:48:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2010/06/08 16:05:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2010/08/23 01:14:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Netdevil
[2009/08/22 07:23:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
[2009/12/22 17:05:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton 360
[2010/02/11 17:40:17 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Norton Support
[2010/06/14 12:22:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2010/08/14 19:31:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NovaLogic
[2010/08/31 20:10:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/02/04 18:33:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Oberon Media
[2010/08/11 10:38:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OGPlanet
[2010/08/23 02:12:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL
[2010/01/01 23:27:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Packard Bell
[2010/09/01 23:58:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Packard Bell GameZone
[2010/04/08 00:38:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/08/26 11:05:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2010/03/23 12:59:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RealArcade
[2009/08/16 06:46:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/05/28 23:37:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ReflexiveArcade
[2010/05/11 17:43:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sky
[2010/02/03 14:21:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sky Broadband
[2010/01/17 21:34:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sky Games
[2010/01/20 21:19:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony Online Entertainment
[2010/05/26 21:53:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Stardock
[2010/09/01 00:24:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2010/08/26 11:05:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\STOPzilla!
[2010/04/26 09:19:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2010/07/21 23:59:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
[2010/09/01 16:11:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tunngle
[2010/08/31 18:20:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TweakNow RegCleaner
[2009/12/24 21:18:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubi Soft
[2010/08/26 11:02:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2010/05/06 16:44:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Valve
[2009/11/05 03:12:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Video Web Camera
[2009/08/22 08:52:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/05/28 23:56:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2009/11/05 03:19:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/05/12 01:23:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/05/26 22:26:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/08/22 08:52:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/08/22 08:52:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/08/22 08:52:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

< %appdata%\*.* >
[2010/02/01 21:30:12 | 000,000,000 | ---- | M] () -- C:\Users\ryan\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTOR.SYS >
[2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2010/06/08 10:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Users\ryan\AppData\Roaming\Easeware\DriverEasy\drivers\sfpkgkgr.l1w\RST_9.6.4.1002_Win_drivers_and_utils\drivers\f6flpy-x64\iaStor.sys
[2009/06/05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2010/06/08 10:23:34 | 000,435,736 | ---- | M] (Intel Corporation) MD5=D80AA0907748D7CC8EFAB3773F32629B -- C:\Users\ryan\AppData\Roaming\Easeware\DriverEasy\drivers\sfpkgkgr.l1w\RST_9.6.4.1002_Win_drivers_and_utils\drivers\f6flpy-x86\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009/07/14 01:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
[2009/07/14 01:06:34 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:26205E86
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:1E3397DC
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:F84F494D
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:C46995DA
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:F3176E45
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D06A4C76
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:193426B4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:9C5E2795
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:C9E1E431
< End of report >

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by ganjiry on Thu 02 Sep 2010, 11:02 pm

and here is the extras log.....OTL Extras logfile created on: 02/09/2010 12:15:08 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\ryan\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.27 Gb Total Space | 33.34 Gb Free Space | 11.65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 6.96 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 5.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 3.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 6.96 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
I: Drive not present or media not loaded

Computer Name: RYAN-PC
Current User Name: ryan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- C:\Users\ryan\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F1BA99-300F-4DD5-A26B-788EF63B53B1}" = Logitech Gaming Software 5.08
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AF28C999BD8B360EAECBBC28BA9757F1A4F3EB9F" = Windows Driver Package - Synaptics (SynTP) Mouse (09/17/2009 14.0.6.0)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"EPSON SX210 Series" = EPSON SX210 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{534307EB-1401-43EB-8DD7-111000008200}" = Kane & Lynch: Dead Men
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117152957}" = Bubbletown
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9EB5FC-1155-497B-9AF9-D1AB20382B10}" = STOPzilla
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5653E98-C00B-421B-86A2-E7DA75BFD97A}" = iS3 STOPzilla Toolbar
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D7B31233-EE2B-4911-AA3F-2A8C28843D3B}" = SkyPlayer for Windows Media Center
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Game Booster_is1" = Game Booster
"GFWL_{534307EB-1401-43EB-8DD7-111000008200}" = Kane & Lynch: Dead Men
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LManager" = Launch Manager
"Mafia II_is1" = Mafia II
"N360" = Norton 360
"ObjectDock" = ObjectDock
"OpenAL" = OpenAL
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Welcome Center" = Welcome Center
"PackardBell Screensaver" = PackardBell ScreenSaver
"PunkBusterSvc" = PunkBuster Services
"RKMod COD 44.5" = RKMod COD 4
"Shockwave" = Shockwave
"Sniper Ghost Warrior Update 2_is1" = Sniper Ghost Warrior Update 2
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Steam App 13140" = America's Army 3
"SystemRequirementsLab" = System Requirements Lab
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPatrol" = WinPatrol

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14/05/2010 11:30:03 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 11:30:03 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 11:30:04 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 11:30:04 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 11:30:08 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 14/05/2010 18:18:36 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 18:18:36 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 18:18:36 | Computer Name = ryan-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 14/05/2010 21:09:51 | Computer Name = ryan-PC | Source = Bonjour Service | ID = 100
Description = 212: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 15/05/2010 15:49:38 | Computer Name = ryan-PC | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ Media Center Events ]
Error - 13/02/2010 10:29:44 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 14:29:43 - Error connecting to the internet. 14:29:43 - Unable
to contact server..

Error - 28/02/2010 22:59:40 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 02:59:40 - Error connecting to the internet. 02:59:40 - Unable
to contact server..

Error - 28/02/2010 22:59:49 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 02:59:45 - Error connecting to the internet. 02:59:45 - Unable
to contact server..

Error - 21/03/2010 06:20:58 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 10:20:58 - Error connecting to the internet. 10:20:58 - Unable
to contact server..

Error - 21/03/2010 06:21:09 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 10:21:03 - Error connecting to the internet. 10:21:03 - Unable
to contact server..

Error - 18/04/2010 07:28:25 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 12:28:25 - Error connecting to the internet. 12:28:25 - Unable
to contact server..

Error - 18/04/2010 07:28:33 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 12:28:30 - Error connecting to the internet. 12:28:30 - Unable
to contact server..

Error - 02/05/2010 07:35:36 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 12:35:35 - Error connecting to the internet. 12:35:36 - Unable
to contact server..

Error - 02/05/2010 07:35:46 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 12:35:41 - Error connecting to the internet. 12:35:41 - Unable
to contact server..

Error - 30/08/2010 08:46:38 | Computer Name = ryan-PC | Source = MCUpdate | ID = 0
Description = 13:44:53 - Failed to retrieve Directory (Error: The operation has
timed out)

[ System Events ]
Error - 02/09/2010 05:01:47 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 05:13:49 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 05:25:51 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 05:37:53 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 05:49:54 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 06:01:51 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 06:13:54 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 06:25:51 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 06:37:54 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =

Error - 02/09/2010 07:13:51 | Computer Name = ryan-PC | Source = bowser | ID = 8003
Description =


< End of report >
thank you in advance 4 any hlp u can provide

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by ganjiry on Sat 04 Sep 2010, 5:09 am

BUMP

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by Belahzur on Sun 05 Sep 2010, 3:55 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by ganjiry on Mon 06 Sep 2010, 2:05 am

i ran mbam...nothin found

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by Belahzur on Mon 06 Sep 2010, 8:18 am

Please post the log anyway.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by ganjiry on Mon 06 Sep 2010, 10:04 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4552

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

06/09/2010 00:04:09
mbam-log-2010-09-06 (00-04-09).txt

Scan type: Quick scan
Objects scanned: 174445
Time elapsed: 7 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:

ganjiry

Rookie Surfer
Rookie Surfer

Posts : 61
Joined : 2010-05-10
Operating System : windows7

View user profile

Back to top Go down

Re: not sure if i posted this in correct place

Post by Sponsored content Today at 9:50 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum