I have gotten the blue screen of death twice since my original post. I've backed everything up in the expectation of needing to reload. Other than that, no other issues.
During the Malware scan, one thing popped up. A Trojan I believe. Malware removed it.
MBAM Log
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4438
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
8/16/2010 5:44:59 PM
mbam-log-2010-08-16 (17-44-59).txt
Scan type: Quick scan
Objects scanned: 128152
Time elapsed: 57 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\System32\d3dd8thk.dll (Trojan.BHO) -> Delete on reboot.
OLT.txt
OTL logfile created on: 8/16/2010 5:56:51 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Wolfe\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.78 Gb Total Space | 185.60 Gb Free Space | 84.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WOLFE-PC
Current User Name: Wolfe
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/08/16 16:32:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wolfe\Desktop\OTL.exe
PRC - [2010/07/14 17:00:22 | 000,304,480 | ---- | M] (eAcceleration Corp) -- C:\Program Files (x86)\StopSign\OnAccess\onaccess.exe
PRC - [2010/06/22 12:33:55 | 000,464,208 | ---- | M] (eAcceleration Corp) -- C:\Program Files (x86)\eAcceleration\Station\station_bk.exe
PRC - [2010/06/17 10:20:22 | 001,406,304 | R--- | M] (eAcceleration Corp) -- C:\Program Files (x86)\Acceleration Software\Anti-Virus\stopsignav.exe
PRC - [2010/05/03 16:28:57 | 000,365,912 | ---- | M] (eAcceleration Corp) -- C:\Program Files (x86)\StopSign\Firewall\FWService.exe
PRC - [2010/04/01 02:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/15 14:56:58 | 000,144,720 | ---- | M] (eAcceleration) -- C:\Program Files (x86)\Common Files\eAcceleration\eacsvc.exe
PRC - [2010/03/15 12:33:42 | 000,111,672 | ---- | M] (eAcceleration Corp) -- C:\Program Files (x86)\eAcceleration\Framework\eac_svc.exe
PRC - [2010/03/15 12:29:37 | 000,263,504 | ---- | M] (eAcceleration Corp) -- C:\Program Files (x86)\eAcceleration\Framework\eac_productsvc.exe
PRC - [2010/03/08 16:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/03/03 06:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/02/01 11:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/26 17:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe
PRC - [2009/12/24 18:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 18:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
========== Modules (SafeList) ========== MOD - [2010/08/16 16:32:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wolfe\Desktop\OTL.exe
MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/03/17 07:17:08 | 000,202,752 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010/02/05 20:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:
64bit: - [2010/01/28 16:27:36 | 000,243,232 | ---- | M] (Acer Group) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:
64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/05/03 16:28:57 | 000,365,912 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files (x86)\StopSign\Firewall\FWService.exe -- (FWService)
SRV - [2010/03/15 14:56:58 | 000,144,720 | ---- | M] (eAcceleration) [Auto | Running] -- C:\Program Files (x86)\Common Files\eAcceleration\eacsvc.exe -- (StopSign Update Manager)
SRV - [2010/03/15 12:33:42 | 000,111,672 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files (x86)\eAcceleration\Framework\eac_svc.exe -- (sstsmonsvc)
SRV - [2010/03/15 12:33:42 | 000,111,672 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files (x86)\eAcceleration\Framework\eac_svc.exe -- (ssfwmonsvc)
SRV - [2010/03/15 12:33:42 | 000,111,672 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files (x86)\eAcceleration\Framework\eac_svc.exe -- (eac_notifysvc)
SRV - [2010/03/15 12:29:37 | 000,263,504 | ---- | M] (eAcceleration Corp) [Auto | Running] -- C:\Program Files (x86)\eAcceleration\Framework\eac_productsvc.exe -- (eac_productsvc)
SRV - [2010/03/08 16:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/03 06:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/01 11:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/08 06:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/05 17:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009/11/05 17:50:50 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
========== Driver Services (SafeList) ========== DRV:
64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\Drivers\Vcs.sys -- (Vcs)
DRV:
64bit: - [2010/08/12 11:59:15 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2010/05/03 16:29:04 | 000,068,704 | ---- | M] (eAcceleration Corp) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fwcore.sys -- (FWCore)
DRV:
64bit: - [2010/03/20 11:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:
64bit: - [2010/03/17 15:48:58 | 002,212,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2010/03/17 10:24:24 | 006,405,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/03/17 06:21:18 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010/02/08 06:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2009/12/10 04:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2009/12/02 00:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:
64bit: - [2009/11/26 00:05:28 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:
64bit: - [2009/08/23 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:
64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:
64bit: - [2009/06/10 13:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/06/02 19:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:
64bit: - [2009/06/02 19:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:
64bit: - [2009/06/02 19:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:
64bit: - [2009/05/05 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:
64bit: - [2009/05/05 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:
64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2003/04/15 18:07:26 | 000,006,852 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\Vcs.sys -- (Vcs)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACAW&a...d4z195t4522n275IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACAW&a...d4z195t4522n275IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACAW&a...d4z195t4522n275IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACAW&a...d4z195t4522n275 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACAW&a...d4z195t4522n275IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/11 17:25:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/11 20:36:24 | 000,000,000 | ---D | M]
[2010/08/11 17:25:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\Mozilla\Extensions
[2010/08/11 20:36:31 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\Mozilla\Firefox\Profiles\78fuzepx.default\extensions
[2010/08/11 17:25:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {5E753934-1350-1A8D-7616-466B1E540184} - C:\Windows\SysWow64\d3dd8thk.dll File not found
O2 - BHO: (no name) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\Program Files (x86)\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:
64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [OnAccess] C:\Program Files (x86)\StopSign\OnAccess\onaccess.exe (eAcceleration Corp)
O4 - HKLM..\Run: [SoftwareStation] C:\Program Files (x86)\eAcceleration\Station\station.exe (eAcceleration Corp)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StopSignPopupBlocker] C:\Program Files (x86)\StopSign\PopupBlocker\sspopupblockerctrl.exe (eAcceleration Corp )
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [webscan] C:\Program Files (x86)\Acceleration Software\Anti-Virus\stopsignav.exe (eAcceleration Corp)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Block This Page - {24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - C:\Program Files (x86)\StopSign\PopupBlocker\sspopupblocker.dll (eAcceleration Corp )
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitdefender.com/resources/...can8/oscan8.cab (BDSCANONLINE Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10 24.205.224.36 71.9.127.107
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:
64bit: - HKLM ShellExecuteHooks: {42DD0873-5FA9-465D-90DE-0826020416A5} - C:\Program Files (x86)\StopSign\OnAccess\onaccess_hk64.dll (eAcceleration Corp)
O28 - HKLM ShellExecuteHooks: {42DD0873-5FA9-465D-90DE-0826020416A5} - C:\Program Files (x86)\StopSign\OnAccess\onaccess_hk32.dll (eAcceleration Corp)
O29:
64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:
64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:
64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{590afdcb-9953-11df-b057-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{590afdcb-9953-11df-b057-806e6f6e6963}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
Drivers32:
64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:
64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:
64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:
64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:
64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:
64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:
64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:
64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:
64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
========== Files/Folders - Created Within 90 Days ========== [2010/08/16 16:33:13 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Malwarebytes
[2010/08/16 16:33:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/16 16:33:00 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/16 16:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/16 16:32:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/16 16:32:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Wolfe\Desktop\OTL.exe
[2010/08/13 01:29:21 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\drivers
[2010/08/12 13:17:48 | 004,614,113 | ---- | C] (LIGHTNING UK!) -- C:\Users\Wolfe\Desktop\SetupImgBurn_2.5.1.0.exe
[2010/08/12 11:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/12 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\DAEMON Tools Lite
[2010/08/12 11:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/08/12 11:53:15 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\Wolfe\Desktop\DTLite4356-0091.exe
[2010/08/11 17:25:11 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Mozilla
[2010/08/11 17:25:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/08/11 17:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/08/11 05:04:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/09 10:08:52 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\Scanners
[2010/08/09 09:48:20 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Wolfe\Desktop\HijackThis.exe
[2010/08/09 09:41:40 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/08/09 09:39:25 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/06 09:25:44 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Adobe
[2010/08/06 07:04:21 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\New folder
[2010/08/06 01:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2010/08/06 01:27:40 | 002,228,534 | ---- | C] ( ) -- C:\Users\Wolfe\Desktop\audacity-win-1.2.6.exe
[2010/08/05 15:32:36 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\gtk-2.0
[2010/08/05 15:32:32 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\.thumbnails
[2010/08/05 15:31:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\.gimp-2.6
[2010/08/05 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Documents\gegl-0.0
[2010/08/05 15:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010/08/05 15:24:54 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\SL
[2010/08/04 13:57:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Screaming Bee
[2010/08/04 13:48:54 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Screaming Bee
[2010/08/04 13:47:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screaming Bee
[2010/08/04 13:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2010/08/04 13:21:54 | 000,021,504 | ---- | C] (Avnex) -- C:\Windows\SysNative\drivers\vcsvad.sys
[2010/08/04 12:57:43 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2010/08/04 12:57:41 | 000,000,000 | ---D | C] -- C:\vcs5core
[2010/08/04 12:57:41 | 000,000,000 | ---D | C] -- C:\AV_LOGS
[2010/08/04 12:55:40 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\jZip
[2010/08/04 12:55:34 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Yahoo!
[2010/08/04 12:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010/08/04 12:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jZip
[2010/08/04 11:25:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLife
[2010/08/04 11:06:34 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\SecondLife
[2010/08/04 11:05:03 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\GW Mod
[2010/08/03 11:57:07 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Mozilla
[2010/08/03 11:56:54 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\SecondLife
[2010/08/03 11:56:54 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Emerald
[2010/08/03 11:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emerald Viewer
[2010/08/01 10:25:54 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Documents\DVDVideoSoft
[2010/08/01 10:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010/08/01 10:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010/08/01 10:23:59 | 013,126,304 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\Wolfe\Desktop\FreeAudioConverter.exe
[2010/08/01 01:46:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\conv
[2010/07/31 19:56:32 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Desktop\MP3 Player
[2010/07/31 19:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HooTech WMA MP3 Converter
[2010/07/31 19:53:56 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\MediaMonkey
[2010/07/31 19:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMonkey
[2010/07/31 19:53:11 | 007,822,392 | ---- | C] (Ventis Media Inc. ) -- C:\Users\Wolfe\Desktop\MediaMonkey_3.2.1.1297.exe
[2010/07/28 23:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010/07/28 23:56:02 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\uTorrent
[2010/07/28 23:55:55 | 000,327,984 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Wolfe\Desktop\utorrent.exe
[2010/07/27 20:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2010/07/27 20:05:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2010/07/27 13:48:12 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\Documents\Guild Wars
[2010/07/27 13:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010/07/27 13:44:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars
[2010/07/27 00:54:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\temp
[2010/07/27 00:53:45 | 000,012,864 | ---- | C] (Un4seen Developments) -- C:\Windows\SysWow64\kara__ao.dll
[2010/07/27 00:53:44 | 000,098,872 | ---- | C] (nnnneen Developments) -- C:\Windows\SysWow64\Bass.dll
[2010/07/27 00:53:44 | 000,028,760 | ---- | C] (Mediasoft ) -- C:\Windows\SysWow64\Kara_K5.dll
[2010/07/27 00:53:44 | 000,017,472 | ---- | C] (nnnnnnn Developments) -- C:\Windows\SysWow64\Kara_C.dll
[2010/07/27 00:53:44 | 000,016,448 | ---- | C] (nnnnnnn Developments) -- C:\Windows\SysWow64\Kara_mx.dll
[2010/07/27 00:53:44 | 000,015,936 | ---- | C] (Mediasoft ) -- C:\Windows\SysWow64\Kara_ww.dll
[2010/07/27 00:53:44 | 000,012,352 | ---- | C] (nnnneen Developments) -- C:\Windows\SysWow64\Kara__E.dll
[2010/07/27 00:53:38 | 000,000,000 | ---D | C] -- C:\Edic
[2010/07/27 00:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Karaoke5
[2010/07/27 00:52:53 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Western Digital
[2010/07/26 20:39:16 | 000,068,704 | ---- | C] (eAcceleration Corp) -- C:\Windows\SysNative\drivers\fwcore.sys
[2010/07/26 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\eAcceleration
[2010/07/26 20:30:59 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData
[2010/07/26 20:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acceleration Software
[2010/07/26 20:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\eAcceleration
[2010/07/26 20:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\eAcceleration
[2010/07/26 20:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eAcceleration
[2010/07/26 20:29:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StopSign
[2010/07/26 20:27:27 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Adobe
[2010/07/26 20:24:22 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Google
[2010/07/26 20:21:53 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\ATI
[2010/07/26 20:21:52 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\ATI
[2010/07/26 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\EgisTec IPS
[2010/07/26 20:20:38 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Macromedia
[2010/07/26 20:20:21 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Searches
[2010/07/26 20:20:21 | 000,000,000 | -H-D | C] -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/07/26 20:20:10 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Identities
[2010/07/26 20:20:06 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Contacts
[2010/07/26 20:20:04 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\VirtualStore
[2010/07/26 20:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_E471269A730D
[2010/07/26 20:17:28 | 000,000,000 | --SD | C] -- C:\Users\Wolfe\AppData\Roaming\Microsoft
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Videos
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Saved Games
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Pictures
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Music
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Links
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Favorites
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Downloads
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Documents
[2010/07/26 20:17:28 | 000,000,000 | R--D | C] -- C:\Users\Wolfe\Desktop
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\AppData\Local\Temporary Internet Files
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Templates
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Start Menu
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\SendTo
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Recent
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\PrintHood
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\NetHood
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Documents\My Videos
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Documents\My Pictures
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Documents\My Music
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\My Documents
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Local Settings
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\AppData\Local\History
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Cookies
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\Application Data
[2010/07/26 20:17:28 | 000,000,000 | -HSD | C] -- C:\Users\Wolfe\AppData\Local\Application Data
[2010/07/26 20:17:28 | 000,000,000 | -H-D | C] -- C:\Users\Wolfe\AppData
[2010/07/26 20:17:28 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Temp
[2010/07/26 20:17:28 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Local\Microsoft
[2010/07/26 20:17:28 | 000,000,000 | ---D | C] -- C:\Users\Wolfe\AppData\Roaming\Media Center Programs
[2010/07/26 20:17:22 | 000,000,000 | -HSD | C] -- C:\Recovery
========== Files - Modified Within 90 Days ========== [2010/08/16 17:56:31 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/16 17:56:31 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/16 17:56:31 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/16 17:51:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/16 17:51:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/16 17:51:15 | 1405,272,064 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 17:50:39 | 001,310,720 | -HS- | M] () -- C:\Users\Wolfe\NTUSER.DAT
[2010/08/16 17:50:27 | 002,069,449 | -H-- | M] () -- C:\Users\Wolfe\AppData\Local\IconCache.db
[2010/08/16 16:36:41 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 16:36:41 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/16 16:33:03 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/16 16:32:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Wolfe\Desktop\OTL.exe
[2010/08/15 02:16:31 | 186,692,087 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/14 01:14:23 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/08/13 19:04:25 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/08/13 13:45:25 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/08/13 02:25:34 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2010/08/12 13:20:08 | 004,614,113 | ---- | M] (LIGHTNING UK!) -- C:\Users\Wolfe\Desktop\SetupImgBurn_2.5.1.0.exe
[2010/08/12 11:59:59 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/08/12 11:59:15 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/12 11:53:28 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\Wolfe\Desktop\DTLite4356-0091.exe
[2010/08/12 11:49:39 | 000,535,482 | ---- | M] () -- C:\Users\Wolfe\Desktop\memtest86-3.5.iso.zip
[2010/08/11 17:25:23 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/08/11 17:25:08 | 000,001,927 | ---- | M] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/11 17:25:08 | 000,001,903 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/11 17:22:30 | 000,006,924 | ---- | M] () -- C:\Users\Wolfe\Documents\BackUps To CCleaner2.reg
[2010/08/11 17:18:20 | 000,028,536 | ---- | M] () -- C:\Users\Wolfe\Documents\BackUps To CCleaner.reg
[2010/08/11 17:11:37 | 000,000,971 | ---- | M] () -- C:\Users\Wolfe\Desktop\CCleaner.lnk
[2010/08/10 15:56:56 | 001,677,857 | ---- | M] () -- C:\Users\Wolfe\Desktop\465_7442_EFS.pdf
[2010/08/09 10:05:06 | 001,130,629 | ---- | M] () -- C:\Users\Wolfe\Desktop\tdsskiller.zip
[2010/08/09 09:48:37 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Wolfe\Desktop\HijackThis.exe
[2010/08/09 07:01:24 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/08/08 14:00:28 | 000,019,268 | ---- | M] () -- C:\Users\Wolfe\Desktop\CaliforniaOpenCarry.pdf
[2010/08/06 01:28:22 | 000,000,907 | ---- | M] () -- C:\Users\Wolfe\Desktop\Audacity.lnk
[2010/08/06 01:27:44 | 002,228,534 | ---- | M] ( ) -- C:\Users\Wolfe\Desktop\audacity-win-1.2.6.exe
[2010/08/05 18:36:47 | 000,005,901 | ---- | M] () -- C:\Users\Wolfe\.recently-used.xbel
[2010/08/05 15:31:04 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/08/04 23:41:34 | 000,056,533 | ---- | M] () -- C:\Users\Wolfe\Desktop\date-my-avatar-7ba3b.jpg
[2010/08/04 13:48:12 | 000,002,206 | ---- | M] () -- C:\Users\Wolfe\Desktop\MorphVOX Pro.lnk
[2010/08/04 12:55:26 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\jZip.lnk
[2010/08/04 12:55:26 | 000,000,883 | ---- | M] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
[2010/08/04 11:26:15 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Second Life.lnk
[2010/08/03 11:55:54 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Emerald Viewer.lnk
[2010/08/01 10:25:54 | 000,001,203 | ---- | M] () -- C:\Users\Wolfe\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/01 10:24:14 | 013,126,304 | ---- | M] (DVDVideoSoft Limited. ) -- C:\Users\Wolfe\Desktop\FreeAudioConverter.exe
[2010/08/01 01:49:54 | 001,300,880 | ---- | M] () -- C:\Users\Wolfe\Documents\The Cranberries - Pretty.mp3
[2010/08/01 01:48:01 | 000,006,217 | -HS- | M] () -- C:\Users\Wolfe\Documents\Folder.jpg
[2010/08/01 01:48:01 | 000,006,217 | -HS- | M] () -- C:\Users\Wolfe\Documents\AlbumArt_{B6FCFC08-F898-43FF-AE86-9CA24C7BE488}_Large.jpg
[2010/08/01 01:48:01 | 000,001,628 | -HS- | M] () -- C:\Users\Wolfe\Documents\AlbumArtSmall.jpg
[2010/08/01 01:48:01 | 000,001,628 | -HS- | M] () -- C:\Users\Wolfe\Documents\AlbumArt_{B6FCFC08-F898-43FF-AE86-9CA24C7BE488}_Small.jpg
[2010/08/01 01:47:17 | 002,473,132 | ---- | M] () -- C:\Users\Wolfe\Documents\The Cranberries - Not Sorry.mp3
[2010/08/01 01:47:07 | 001,634,283 | ---- | M] () -- C:\Users\Wolfe\Documents\The Cranberries - How.mp3
[2010/08/01 01:47:01 | 002,229,059 | ---- | M] () -- C:\Users\Wolfe\Documents\Korn - Children Of The Korn.mp3
[2010/07/31 21:02:50 | 000,120,597 | ---- | M] () -- C:\Users\Wolfe\Desktop\4844040001_large.jpg
[2010/07/31 19:55:38 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\WMA MP3 Converter.lnk
[2010/07/31 19:54:05 | 000,000,955 | ---- | M] () -- C:\Users\Wolfe\Desktop\MediaMonkey.lnk
[2010/07/31 19:53:28 | 007,822,392 | ---- | M] (Ventis Media Inc. ) -- C:\Users\Wolfe\Desktop\MediaMonkey_3.2.1.1297.exe
[2010/07/31 19:51:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/07/28 23:56:42 | 000,000,931 | ---- | M] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/07/28 23:56:01 | 000,327,984 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Wolfe\Desktop\utorrent.exe
[2010/07/28 23:54:07 | 000,341,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/07/27 11:10:45 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/07/27 11:10:45 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/07/27 00:54:17 | 000,078,712 | ---- | M] () -- C:\Users\Wolfe\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/27 00:53:46 | 000,000,900 | ---- | M] () -- C:\Users\Wolfe\Desktop\Karaoke 5.lnk
[2010/07/27 00:20:47 | 000,524,288 | -HS- | M] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/27 00:20:47 | 000,524,288 | -HS- | M] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/27 00:20:47 | 000,065,536 | -HS- | M] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/26 20:40:57 | 000,000,000 | ---- | M] () -- C:\Users\Wolfe\AppData\Roaming\wklnhst.dat
[2010/07/26 20:31:40 | 000,001,961 | ---- | M] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\StopSign Software Station.lnk
[2010/07/26 20:27:09 | 000,001,401 | ---- | M] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/26 20:17:28 | 000,000,020 | -HS- | M] () -- C:\Users\Wolfe\ntuser.ini
[2010/05/31 19:18:18 | 001,687,040 | ---- | M] () -- C:\Windows\SysWow64\sysdelop.dll
[2010/05/31 19:17:36 | 001,675,776 | ---- | M] () -- C:\Windows\SysWow64\core_snap.dll
========== Files Created - No Company Name ========== [2010/08/16 16:33:03 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/13 02:25:34 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2010/08/12 11:59:59 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/08/12 11:59:15 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010/08/12 11:49:33 | 000,535,482 | ---- | C] () -- C:\Users\Wolfe\Desktop\memtest86-3.5.iso.zip
[2010/08/12 00:41:09 | 186,692,087 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/11 17:25:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/08/11 17:25:08 | 000,001,927 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/11 17:25:08 | 000,001,903 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/11 17:22:28 | 000,006,924 | ---- | C] () -- C:\Users\Wolfe\Documents\BackUps To CCleaner2.reg
[2010/08/11 17:18:18 | 000,028,536 | ---- | C] () -- C:\Users\Wolfe\Documents\BackUps To CCleaner.reg
[2010/08/11 17:11:37 | 000,000,971 | ---- | C] () -- C:\Users\Wolfe\Desktop\CCleaner.lnk
[2010/08/10 15:56:48 | 001,677,857 | ---- | C] () -- C:\Users\Wolfe\Desktop\465_7442_EFS.pdf
[2010/08/09 10:03:24 | 001,130,629 | ---- | C] () -- C:\Users\Wolfe\Desktop\tdsskiller.zip
[2010/08/08 14:00:21 | 000,019,268 | ---- | C] () -- C:\Users\Wolfe\Desktop\CaliforniaOpenCarry.pdf
[2010/08/06 01:28:22 | 000,000,907 | ---- | C] () -- C:\Users\Wolfe\Desktop\Audacity.lnk
[2010/08/05 18:36:47 | 000,005,901 | ---- | C] () -- C:\Users\Wolfe\.recently-used.xbel
[2010/08/05 15:31:04 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/08/04 23:42:15 | 000,056,533 | ---- | C] () -- C:\Users\Wolfe\Desktop\date-my-avatar-7ba3b.jpg
[2010/08/04 13:47:10 | 000,002,206 | ---- | C] () -- C:\Users\Wolfe\Desktop\MorphVOX Pro.lnk
[2010/08/04 13:34:20 | 000,006,852 | ---- | C] () -- C:\Windows\SysWow64\drivers\Vcs.sys
[2010/08/04 13:34:10 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010/08/04 13:34:10 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010/08/04 13:34:09 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010/08/04 13:34:07 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/08/04 12:55:39 | 000,076,407 | ---- | C] () -- C:\Users\Wolfe\AppData\Roaming\Smiley.ico
[2010/08/04 12:55:26 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\jZip.lnk
[2010/08/04 12:55:26 | 000,000,883 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
[2010/08/04 11:26:15 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Second Life.lnk
[2010/08/03 11:55:54 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Emerald Viewer.lnk
[2010/08/01 10:25:54 | 000,001,203 | ---- | C] () -- C:\Users\Wolfe\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/01 01:48:01 | 000,006,217 | -HS- | C] () -- C:\Users\Wolfe\Documents\Folder.jpg
[2010/08/01 01:48:01 | 000,006,217 | -HS- | C] () -- C:\Users\Wolfe\Documents\AlbumArt_{B6FCFC08-F898-43FF-AE86-9CA24C7BE488}_Large.jpg
[2010/08/01 01:48:01 | 000,001,628 | -HS- | C] () -- C:\Users\Wolfe\Documents\AlbumArtSmall.jpg
[2010/08/01 01:48:01 | 000,001,628 | -HS- | C] () -- C:\Users\Wolfe\Documents\AlbumArt_{B6FCFC08-F898-43FF-AE86-9CA24C7BE488}_Small.jpg
[2010/08/01 01:47:18 | 001,300,880 | ---- | C] () -- C:\Users\Wolfe\Documents\The Cranberries - Pretty.mp3
[2010/08/01 01:47:07 | 002,473,132 | ---- | C] () -- C:\Users\Wolfe\Documents\The Cranberries - Not Sorry.mp3
[2010/08/01 01:47:01 | 001,634,283 | ---- | C] () -- C:\Users\Wolfe\Documents\The Cranberries - How.mp3
[2010/08/01 01:46:52 | 002,229,059 | ---- | C] () -- C:\Users\Wolfe\Documents\Korn - Children Of The Korn.mp3
[2010/07/31 21:01:44 | 000,120,597 | ---- | C] () -- C:\Users\Wolfe\Desktop\4844040001_large.jpg
[2010/07/31 19:55:38 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\WMA MP3 Converter.lnk
[2010/07/31 19:54:05 | 000,000,955 | ---- | C] () -- C:\Users\Wolfe\Desktop\MediaMonkey.lnk
[2010/07/31 19:51:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/07/28 23:56:42 | 000,000,931 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/07/27 00:53:46 | 000,000,900 | ---- | C] () -- C:\Users\Wolfe\Desktop\Karaoke 5.lnk
[2010/07/27 00:53:45 | 001,687,040 | ---- | C] () -- C:\Windows\SysWow64\sysdelop.dll
[2010/07/27 00:53:45 | 001,675,776 | ---- | C] () -- C:\Windows\SysWow64\core_snap.dll
[2010/07/27 00:53:44 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010/07/27 00:53:44 | 000,014,456 | ---- | C] () -- C:\Windows\SysWow64\Kara_v.dll
[2010/07/26 20:40:57 | 000,000,000 | ---- | C] () -- C:\Users\Wolfe\AppData\Roaming\wklnhst.dat
[2010/07/26 20:31:40 | 000,001,961 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\StopSign Software Station.lnk
[2010/07/26 20:27:09 | 000,001,401 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/26 20:17:28 | 001,310,720 | -HS- | C] () -- C:\Users\Wolfe\NTUSER.DAT
[2010/07/26 20:17:28 | 000,524,288 | -HS- | C] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/07/26 20:17:28 | 000,524,288 | -HS- | C] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/07/26 20:17:28 | 000,262,144 | -HS- | C] () -- C:\Users\Wolfe\ntuser.dat.LOG1
[2010/07/26 20:17:28 | 000,065,536 | -HS- | C] () -- C:\Users\Wolfe\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/07/26 20:17:28 | 000,000,290 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/26 20:17:28 | 000,000,272 | ---- | C] () -- C:\Users\Wolfe\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/26 20:17:28 | 000,000,020 | -HS- | C] () -- C:\Users\Wolfe\ntuser.ini
[2010/07/26 20:17:28 | 000,000,000 | -HS- | C] () -- C:\Users\Wolfe\ntuser.dat.LOG2
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
========== LOP Check ========== [2010/08/13 01:04:04 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\DAEMON Tools Lite
[2010/07/26 20:36:55 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\eAcceleration
[2010/08/05 18:36:47 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\gtk-2.0
[2010/08/04 13:48:54 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\Screaming Bee
[2010/08/06 21:27:33 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\SecondLife
[2010/08/13 02:17:59 | 000,000,000 | ---D | M] -- C:\Users\Wolfe\AppData\Roaming\uTorrent
[2010/08/09 07:01:24 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/08/13 13:45:25 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010/08/13 19:04:25 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2010/08/14 01:14:23 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2009/07/13 22:08:49 | 000,008,128 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/04/02 00:58:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/08/13 02:25:34 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2010/08/16 17:51:15 | 1405,272,064 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/16 17:51:18 | 1873,698,816 | -HS- | M] () -- C:\pagefile.sys
[2010/04/02 00:15:34 | 000,003,274 | ---- | M] () -- C:\RHDSetup.log
[2010/08/09 09:49:14 | 000,000,268 | ---- | M] () -- C:\rkill.log
[2010/08/09 10:08:42 | 000,060,902 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_09.08.2010_10.07.16_log.txt
< %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.com >[2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2009/06/10 13:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.scr >[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* >[2009/07/13 21:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\user32.dll /md5 >[2009/07/13 18:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >[2009/07/13 18:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >[2009/07/13 18:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >< End of report >
EXTRAS.txt
OTL Extras logfile created on: 8/16/2010 5:56:52 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Wolfe\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.78 Gb Total Space | 185.60 Gb Free Space | 84.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WOLFE-PC
Current User Name: Wolfe
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{42281103-DF49-8A45-C960-977096F29F45}" = ccc-utility64
"{6F43CF39-8B2F-546B-57E3-4803E935C465}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15424D99-B708-54FD-94EC-997BE1976918}" = CCC Help Japanese
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1DCEE28F-CEDA-ADBA-DE41-1377ADD42DD3}" = CCC Help Finnish
"{204D48C5-6231-4955-83EC-623DCB437FD9}_is1" = Emerald Viewer 1.23.5.1636
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2552055A-7121-346E-F287-C0E7CC1BB36E}" = CCC Help Turkish
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{314AD191-596F-40C0-ACED-3AD78C9649F1}_is1" = WMA MP3 Converter v4.0 build 1217
"{327AD686-FD94-F270-C0C9-D379ACC3CCA3}" = CCC Help Russian
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CABCB73-0ABE-9578-A11C-6888ECF5D6D7}" = CCC Help Portuguese
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3DCF232A-B152-4375-B840-F19D866A316D}" = Catalyst Control Center Graphics Full New
"{3F34DE3B-887D-72A9-FCFE-2676B2EDBE67}" = CCC Help Thai
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5B30D670-AA94-3DAC-965D-CA8FED631DA3}" = Catalyst Control Center Graphics Previews Common
"{5F65AB3C-FCF3-E10B-3203-26F3C133F036}" = CCC Help Chinese Standard
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64CFDAC9-C358-88FE-E0E3-B33ED5C8AB2C}" = CCC Help Norwegian
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{702A9675-C93C-6914-7B90-8056525349A7}" = Catalyst Control Center Graphics Light
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7661AFE4-1F7A-8B5C-D395-3A8B682F106A}" = CCC Help Korean
"{77D3B22B-CB40-19AE-5A7D-9256E9862010}" = Catalyst Control Center Core Implementation
"{7A034366-3901-4204-BCE1-944C88587197}" = Female Voice Pack
"{7A555AD4-057E-EB0B-3C2D-82658AA1B190}" = CCC Help English
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81FC1368-171E-4151-E3E1-D63C8CF1F150}" = CCC Help Polish
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85DD738D-6572-53AA-E570-50D0D0842722}" = Catalyst Control Center Graphics Full Existing
"{86141D3B-58F6-D4E9-809E-05032F1C09BE}" = CCC Help Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97DA45B6-451C-A4B8-897F-106E2B3B6E2F}" = CCC Help Dutch
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro
"{A26840C5-95D5-BB10-700A-304AA9F4AF92}" = CCC Help Greek
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A385939C-3DE9-5568-D8B0-3972BA293DC7}" = CCC Help German
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B284EA3C-8391-5648-BFC4-800A44D01ADA}" = ccc-core-static
"{B2F1B278-B685-1112-F051-AD05C5946C0D}" = CCC Help French
"{B3A0945A-1A84-BD5C-D33A-F4DC811FCCCC}" = CCC Help Chinese Traditional
"{B4060669-4633-038A-8A50-E05D1F54929E}" = CCC Help Czech
"{BC171806-3828-33E5-289C-9609C5BC59DF}" = Catalyst Control Center Localization All
"{BDE26FB2-E880-BFF9-3A85-18D70FC44D8D}" = Catalyst Control Center InstallProxy
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C31501D8-8267-A455-D269-85FBDBE2BFC3}" = CCC Help Italian
"{C75A193A-D403-5707-7D32-166DF4EA47DD}" = CCC Help Spanish
"{D4905980-7A59-8CE0-1336-EBC0338DAC1B}" = CCC Help Hungarian
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F98098D2-8822-1B1D-6771-945669046216}" = CCC Help Danish
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"7-Zip" = 7-Zip 4.65
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner
"EaccelSetup" = StopSign Internet Security
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Guild Wars" = Guild Wars
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"jZip" = jZip
"Karaoke 5_is1" = Karaoke 5 ver. 39
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.2
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"SecondLife" = SecondLife (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 8/13/2010 5:22:58 AM | Computer Name = Wolfe-PC | Source = EventSystem | ID = 4621
Description =
Error - 8/13/2010 8:02:12 AM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_WinDefend, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ntdll.dll, version: 6.1.7600.16385,
time stamp: 0x4a5be02b Exception code: 0xc0000006 Fault offset: 0x000000000005345c
Faulting
process id: 0x2a4 Faulting application start time: 0x01cb3ac9e3511e0d Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 9ad20181-a6d2-11df-9e95-705ab6d9668f
Error - 8/13/2010 8:02:12 AM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Host Process for Windows Services because of this error. Program:
Host Process for Windows Services File: The error value is listed in the Additional
Data section. User Action 1. Open the file again. This situation might be a temporary
problem that corrects itself when the program runs again. 2. If the file still cannot
be accessed and - It is on the network, your network administrator should verify
that there is not a problem with the network and that the server can be contacted.
-
It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the
disk is fully inserted into the computer. 3. Check and repair the file system by
running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click
OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem
persists, restore the file from a backup copy. 5. Determine whether other files
on the same disk can be opened. If not, the disk might be damaged. If it is a hard
disk, contact your administrator or computer hardware vendor for further assistance.
Additional
Data Error value: C0000185 Disk type: 0
Error - 8/13/2010 9:09:05 AM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmpnetwk.exe, version: 12.0.7600.16385,
time stamp: 0x4a5bd03d Faulting module name: ntdll.dll, version: 6.1.7600.16385,
time stamp: 0x4a5be02b Exception code: 0xc0000006 Fault offset: 0x000000000005046a
Faulting
process id: 0xb7c Faulting application start time: 0x01cb3ac99eca4ce7 Faulting application
path: C:\Program Files\Windows Media Player\wmpnetwk.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: f2c34153-a6db-11df-9e95-705ab6d9668f
Error - 8/13/2010 9:09:05 AM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Media Player Network Sharing Service because of this
error. Program: Windows Media Player Network Sharing Service File: The error value
is listed in the Additional Data section. User Action 1. Open the file again. This
situation might be a temporary problem that corrects itself when the program runs
again. 2. If the file still cannot be accessed and - It is on the network, your network
administrator should verify that there is not a problem with the network and that
the server can be contacted. - It is on a removable disk, for example, a floppy
disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check
and repair the file system by running CHKDSK. To run CHKDSK, click Start, click
Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then
press ENTER. 4. If the problem persists, restore the file from a backup copy. 5.
Determine whether other files on the same disk can be opened. If not, the disk might
be damaged. If it is a hard disk, contact your administrator or computer hardware
vendor for further assistance. Additional Data Error value: C0000185 Disk type: 0
Error - 8/13/2010 1:22:54 PM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: sysmain.dll, version: 6.1.7600.16385,
time stamp: 0x4a5be07e Exception code: 0xc0000006 Fault offset: 0x000000000009c84e
Faulting
process id: 0x3a8 Faulting application start time: 0x01cb3ac992527e36 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: c:\windows\system32\sysmain.dll
Report
Id: 6800afd9-a6ff-11df-9e95-705ab6d9668f
Error - 8/13/2010 1:22:58 PM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file C:\Windows\Prefetch\AgCx_SC1.db.trx
for one of the following reasons: there is a problem with the network connection,
the disk that the file is stored on, or the storage drivers installed on this computer;
or the disk is missing. Windows closed the program Host Process for Windows Services
because of this error. Program: Host Process for Windows Services File: C:\Windows\Prefetch\AgCx_SC1.db.trx
The
error value is listed in the Additional Data section. User Action 1. Open the file
again. This situation might be a temporary problem that corrects itself when the
program runs again. 2. If the file still cannot be accessed and - It is on the network,
your
network administrator should verify that there is not a problem with the network
and that the server can be contacted. - It is on a removable disk, for example,
a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3.
Check and repair the file system by running CHKDSK. To run CHKDSK, click Start,
click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F,
and then press ENTER. 4. If the problem persists, restore the file from a backup
copy. 5. Determine whether other files on the same disk can be opened. If not, the
disk might be damaged. If it is a hard disk, contact your administrator or computer
hardware vendor for further assistance. Additional Data Error value: C0000185 Disk
type: 3
Error - 8/13/2010 3:25:42 PM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1000
Description = Faulting application name: station_bk.exe, version: 2.0.0.92, time
stamp: 0x4c210faf Faulting module name: ntdll.dll, version: 6.1.7600.16385, time
stamp: 0x4a5bdb3b Exception code: 0xc0000006 Fault offset: 0x0004d961 Faulting process
id: 0x8f0 Faulting application start time: 0x01cb3ac99d1b73d5 Faulting application
path: C:\Program Files (x86)\eAcceleration\Station\station_bk.exe Faulting module
path: C:\Windows\SysWOW64\ntdll.dll Report Id: 8fac0d0a-a710-11df-9e95-705ab6d9668f
Error - 8/13/2010 3:25:43 PM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program StopSign Background Instance because of this error. Program:
StopSign Background Instance File: The error value is listed in the Additional Data
section. User Action 1. Open the file again. This situation might be a temporary problem
that corrects itself when the program runs again. 2. If the file still cannot be
accessed and - It is on the network, your network administrator should verify that
there is not a problem with the network and that the server can be contacted. -
It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the
disk is fully inserted into the computer. 3. Check and repair the file system by
running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click
OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem
persists, restore the file from a backup copy. 5. Determine whether other files
on the same disk can be opened. If not, the disk might be damaged. If it is a hard
disk, contact your administrator or computer hardware vendor for further assistance.
Additional
Data Error value: C0000185 Disk type: 0
Error - 8/13/2010 3:57:11 PM | Computer Name = Wolfe-PC | Source = Application Error | ID = 1000
Description = Faulting application name: onaccess.exe, version: 3.0.0.86, time stamp:
0x4c3e4dd6 Faulting module name: onaccess_fw.dll_unloaded, version: 0.0.0.0, time
stamp: 0x4c3e4da0 Exception code: 0xc0000005 Fault offset: 0x022becc4 Faulting process
id: 0xbbc Faulting application start time: 0x01cb3b219eae23e4 Faulting application
path: C:\Program Files (x86)\StopSign\OnAccess\onaccess.exe Faulting module path:
onaccess_fw.dll Report Id: f5b8ed9c-a714-11df-9f6b-705ab6d9668f
[ System Events ]
Error - 8/12/2010 5:18:53 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:18:53 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:18:53 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:18:53 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:18:53 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:19:31 AM | Computer Name = Wolfe-PC | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.
Error - 8/12/2010 5:27:22 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:27:22 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 5:27:22 AM | Computer Name = Wolfe-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.
Error - 8/12/2010 2:05:57 PM | Computer Name = Wolfe-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:04:34 AM on ?8/?12/?2010 was unexpected.
< End of report >
This topic is locked
Back to top
