
Please Help... new booty here


19 replies to this topic

#1 absinthe

  • Members

Posted 17 August 2010 - 12:55 AM


OK, I tried to run GMER and it said the system files were in use by another process. Also, I could not click any of the boxes on GMER except I get the following error: C:Windows\System32\config\system: the system cannot find the file specified. However, it did run a scan and the following two items came up on the screen:

reg HKEY\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{26FCA3F7-7EE0-A5D2-8F20-766A3309309E}

reg HKEY\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{26FCA3F7-7EE0-A5D2-8F20-766A3309309E}@nahfmmoffhoncpgjchhmljijfmj


DDS (Ver_10-03-17.01) - NTFSX64
Run by Louis at 22:09:26.01 on Mon 08/16/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8180.5984 [GMT -7:00]

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7984240545aadb84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7984240545aadb84\AESTSr64.exe
C:\Windows\system32\svchost.exe -k apphost
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\OSD\OSD_Service.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
C:\Program Files (x86)\OSD\OSD.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DeviceDisplayObjectProvider.exe
C:\Windows\System32\dinotify.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Windows\helppane.exe
C:\Program Files (x86)\Opera\Opera.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Louis\Documents\Downloads\Programs\dds.EXE
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.alienware.com/
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60426
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: H - No File
BHO: Disabled:{0055C089-8582-441B-A0BF-17B458C2A3A8} - No File
BHO: Disabled:{02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: Disabled:{A2F122DA-055F-4df7-8F24-7354DBDBA85B} - No File
BHO: Disabled:{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - No File
BHO: Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Disabled:{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files (x86)\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: Search Toolbar: {0c8413c1-fad1-446c-8584-be50576f863e} - c:\program files (x86)\search toolbar\tbcore3.dll
TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [SpybotSD TeaTimer] c:\program files (x86)\spybot - search & destroy\TeaTimer.exe
uRun: [IDMan] c:\program files (x86)\internet download manager\IDMan.exe /onboot
mRun: [FATrayAlert] c:\program files\alienware\command center\aliensense\FATrayMon.exe
mRun: [OSD_LAUNCH] c:\program files (x86)\osd\Launch_OSD.exe
mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [BDRegion] c:\program files (x86)\cyberlink\shared files\brs.exe
mRun: [UCam_Menu] "c:\program files (x86)\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [FAStartup]
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Launcher] c:\program files (x86)\dell datasafe local backup\components\scheduler\Launcher.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - c:\program files (x86)\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\micros~3\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {88EB38EF-4D2C-436D-ABD3-56B232674062}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files (x86)\pokerstars.net\PokerStarsUpdate.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Notify: FastAccess - c:\program files\alienware\command center\aliensense\FALogNot.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB-X64: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
TB-X64: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [AlienFX Controller] "c:\program files\alienware\command center\AlienwareAlienFXController.exe"
mRun-x64: [(Default)]
mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
mRun-x64: [SysTrayApp] c:\program files\idt\wdm\sttray64.exe
mRun-x64: [FreeFallProtection] c:\program files (x86)\stmicroelectronics\accelerometer\FF_Protection.exe
mRunOnce-x64: [DSUpdateLauncher] "c:\program files (x86)\dell datasafe local backup\components\dsupdate\hstart.exe" /noconsole /d="c:\program files (x86)\dell datasafe local backup\components\dsupdate" /runas "c:\program files (x86)\dell datasafe local backup\components\dsupdate\DSUpd.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2010-3-4 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2010-3-4 250448]
R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdflt.sys [2010-8-1 19504]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2010-3-4 124496]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-3-4 432720]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-4 121936]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_7984240545aadb84\AESTSr64.exe [2010-2-5 89600]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-2-5 202752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-4 20048]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-3-4 61008]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-29 40384]
R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2010-6-29 119200]
R2 FAService;FAService;c:\program files\alienware\command center\aliensense\FAService.exe [2009-6-24 2368776]
R2 HappyOSD;HappyOSD;c:\program files (x86)\osd\OSD_Service.exe [2010-2-5 12800]
R2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\stmicroelectronics\accelerometer\InstallFilterService.exe [2010-8-1 59904]
R2 rimspci;rimspci;c:\windows\system32\drivers\rimspe64.sys [2010-2-5 60416]
R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe64.sys [2010-2-5 80896]
R2 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe64.sys [2010-2-5 55808]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\dell datasafe local backup\SftService.exe [2010-2-5 658656]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Acceler.sys [2010-8-1 25136]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-29 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-29 40384]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k62x64.sys [2010-2-5 273072]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\drivers\facap.sys [2008-9-24 238848]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-2-24 67616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-6 135664]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-5-14 1153368]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-2-5 35104]
S3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys [2010-2-5 43416]
S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys [2010-2-5 51096]
S3 ioatdma;Intel® QuickData Technology device;c:\windows\system32\drivers\qd260x64.sys [2010-2-5 41096]
S3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd162x64.sys [2010-2-5 40144]
S3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\system32\drivers\qd262x64.sys [2010-2-5 41680]
S3 iSSetup;iSSetup;c:\windows\system32\drivers\iSSetup.sys [2010-2-5 171744]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-9 1255736]

=============== Created Last 30 ================

2010-08-14 22:19:31 65536 --sha-w- c:\users\louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TM.blf
2010-08-14 22:19:31 524288 --sha-w- c:\users\louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000002.regtrans-ms
2010-08-14 22:19:31 524288 --sha-w- c:\users\louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000001.regtrans-ms
2010-08-12 21:01:03 0 d-----w- C:\f65f9eaac4f7676a32352ca572d94f
2010-08-12 17:18:58 82944 ----a-w- c:\windows\syswow64\iccvid.dll
2010-08-12 17:12:30 463360 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 17:12:30 404992 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 17:12:30 162304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-12 17:12:26 340992 ----a-w- c:\windows\system32\schannel.dll
2010-08-12 17:12:26 224256 ----a-w- c:\windows\syswow64\schannel.dll
2010-08-12 17:09:20 52224 ----a-w- c:\windows\system32\rtutils.dll
2010-08-12 17:09:20 37376 ----a-w- c:\windows\syswow64\rtutils.dll
2010-08-12 17:09:19 3122688 ----a-w- c:\windows\system32\win32k.sys
2010-08-12 17:09:12 1877504 ----a-w- c:\windows\system32\msxml3.dll
2010-08-12 17:09:12 1233920 ----a-w- c:\windows\syswow64\msxml3.dll
2010-08-11 18:55:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-08-10 18:39:13 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-10 18:39:13 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll
2010-08-10 18:39:13 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-10 18:39:13 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll
2010-08-10 18:39:13 0 d-----w- c:\program files (x86)\OpenAL
2010-08-10 18:39:05 0 d-----w- c:\program files (x86)\OpenAL 1.1 SDK
2010-08-09 04:32:42 0 d-----w- c:\program files (x86)\uTorrent
2010-08-07 11:35:09 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-08-05 06:28:00 0 d-----w- c:\windows\PCHEALTH
2010-08-05 06:22:42 0 d-----w- c:\program files\Microsoft Office
2010-08-05 06:22:25 0 d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2010-08-05 06:21:32 0 d-----w- c:\programdata\Microsoft Help
2010-08-05 06:17:37 0 d-----w- c:\users\louis\Tracing
2010-08-05 06:16:39 0 d-----w- c:\program files (x86)\Microsoft Office Communicator
2010-08-04 01:17:42 632 --sha-r- c:\users\louis\ntuser.pol
2010-08-02 21:31:16 12867584 ----a-w- c:\windows\syswow64\shell32.dll
2010-08-02 18:43:38 0 d-----w- c:\users\louis\appdata\roaming\IDM
2010-08-02 18:43:21 0 d-----w- c:\program files (x86)\Internet Download Manager
2010-08-02 06:09:22 25136 ----a-w- c:\windows\system32\drivers\Acceler.sys
2010-08-02 06:09:22 19504 ----a-w- c:\windows\system32\drivers\stdflt.sys
2010-08-02 06:09:21 0 d-----w- c:\program files (x86)\STMicroelectronics
2010-08-01 08:59:40 0 d-----w- c:\program files (x86)\PokerStars.NET
2010-08-01 07:33:40 0 d-----w- c:\programdata\NOS
2010-08-01 07:28:19 65536 --sha-w- c:\users\louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TM.blf
2010-08-01 07:28:19 524288 --sha-w- c:\users\louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000002.regtrans-ms
2010-08-01 07:28:19 524288 --sha-w- c:\users\louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000001.regtrans-ms
2010-07-30 05:45:18 0 d-----w- c:\windows\pss
2010-07-30 05:39:28 65536 --sha-w- c:\users\louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TM.blf
2010-07-30 05:39:28 524288 --sha-w- c:\users\louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000002.regtrans-ms
2010-07-30 05:39:28 524288 --sha-w- c:\users\louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000001.regtrans-ms
2010-07-29 23:02:13 0 d-----w- c:\programdata\ATI
2010-07-29 23:01:14 0 d-----w- c:\program files\ATI Technologies
2010-07-29 22:20:10 0 d-----w- C:\ATI
2010-07-20 23:40:11 0 d-----w- C:\video output
2010-07-20 22:29:07 0 d-----w- c:\program files (x86)\Opell Software
2010-07-20 09:47:14 0 d-----w- c:\program files (x86)\Speccy
2010-07-20 09:36:30 0 d-----w- c:\windows\$regcmp$

==================== Find3M ====================

2010-08-01 02:33:38 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-07-13 19:48:18 669184 ----a-w- c:\windows\syswow64\pbsvc.exe
2010-07-04 03:43:36 66872 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-28 20:57:33 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57:12 165032 ----a-w- c:\windows\syswow64\aswBoot.exe
2010-06-28 20:40:01 124496 ----a-w- c:\windows\system32\drivers\aswFW.sys
2010-06-28 20:39:49 432720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-06-28 20:39:23 250448 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2010-06-28 20:33:00 61008 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-06-19 01:16:15 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01009.Wdf
2010-06-18 22:43:00 178800 ----a-w- c:\windows\syswow64\CmdLineExt_x64.dll
2010-05-27 07:24:13 34304 ----a-w- c:\windows\syswow64\atmlib.dll
2010-05-27 06:34:09 46080 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 04:11:32 366080 ----a-w- c:\windows\system32\atmfd.dll
2010-05-27 03:49:37 293888 ----a-w- c:\windows\syswow64\atmfd.dll
2010-05-21 21:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-05-19 19:48:12 144384 ----a-w- c:\windows\system32\cdd.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-04-24 02:59:21 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\feeds cache\index.dat
2010-04-24 02:59:21 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042320100424\index.dat
2010-04-24 02:59:21 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\privacie\index.dat
2010-04-24 02:57:59 32768 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042320100424\index.dat
2010-04-24 09:28:41 32768 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042420100425\index.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 22:10:04.07 ===============


Please help me. I am totally lost and confused here. I do not really know my way around a computer and am flying blind here. Any help would be totally appreciated, even if it is just to offer guidance or suggestions as to what to read. Thank you all for offering your time and your guidance.


Absinthe-



#2 kahdah

  • Security Colleague

Posted 24 August 2010 - 07:03 AM

Hello absinthe

Welcome to BleepingComputer

What problems are you having?
==========================
  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under the Custom scans and fixes section, paste in the below in bold:

    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll

  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#3 absinthe

  • Topic Starter

Posted 24 August 2010 - 06:31 PM

First off, let me say thank you to all the people that even took the time to look at my post. Truly I am grateful that you took the time to see what was going on with my problems. And thank you KAYDAH for taking the time to help me.


Let’s see: my computer completely freezes sometimes, won’t even allow the Task Manager to run - complete lockup. There is an unknown device on my system that needs to be updated, as told by the system diagnostic. I am connected to a broadband modem (Clearwire) and my computer does not always recognize my internet connection, saying no network access. I try to disable my wireless adapter and it keeps getting turned back on. I try to disallow network discovery (don’t want my computer connecting to or viewing other computers) and it does not let me. I have to manually re-plug in my internet modem cable, then take it out, then plug it in again, etc., and when I try to run a scan with Kaspersky Internet Security in safe mode it only makes it to a certain percentage and then stops. My DVD drive locks up when burning, and sometimes it doesn’t even want to eject the disk; I have to restart Windows and wait for it to reboot, then eject the disk. Recently my computer was restored to an earlier date (total crash of Windows), so I did a restore. And my computer would not even load Windows for two days. Then it just started up two days later. I am very confused *scratches head; looks up toward heaven, exclaims “Windows, why have you forsaken me”*


OTL.txt
OTL logfile created on: 8/24/2010 4:15:55 PM - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Louis\Documents\Downloads\Programs
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 353.05 Gb Free Space | 78.27% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LOUIS-PC
Current User Name: Louis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Louis\My Documents\Downloads\Programs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Program Files (x86)\OSD\OSD.exe ()
PRC - C:\Program Files (x86)\OSD\OSD_Service.exe ()
PRC - C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe (Alienware)
PRC - C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
PRC - C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
PRC - C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe (Sensible Vision )
PRC - C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision )
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Users\Louis\My Documents\Downloads\Programs\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7984240545aadb84\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (WAS) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (AppHostSvc) -- C:\Windows\SysNative\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV:64bit: - (FAService) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision )
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7984240545aadb84\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (HappyOSD) -- C:\Program Files (x86)\OSD\OSD_Service.exe ()
SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe ()
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Acceler.sys (ST Microelectronics)
DRV:64bit: - (stdflt) -- C:\Windows\SysNative\drivers\stdflt.sys (ST Microelectronics)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (e1kexpress) Intel® -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (iSSetup) -- C:\Windows\SysNative\drivers\iSSetup.sys (Intel Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (ioatdma2) Intel® -- C:\Windows\SysNative\drivers\qd262x64.sys (Intel Corporation)
DRV:64bit: - (ioatdma1) -- C:\Windows\SysNative\drivers\qd162x64.sys (Intel Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision )
DRV:64bit: - (ioatdma) Intel® -- C:\Windows\SysNative\drivers\qd260x64.sys (Intel Corporation)
DRV:64bit: - (IAMTVE) Driver for Intel® -- C:\Windows\SysNative\drivers\IAMTVE.sys (Intel Corporation)
DRV:64bit: - (IAMTXPE) Driver for Intel® -- C:\Windows\SysNative\drivers\IAMTXPE.sys (Intel Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.alienware.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/08/24 15:03:31 | 000,000,000 | ---D | M]

[2010/07/21 13:10:05 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions
[2010/02/18 21:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/07/21 13:10:05 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2010/08/16 16:58:39 | 000,416,811 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14384 more lines...
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - Disabled:{0055C089-8582-441B-A0BF-17B458C2A3A8} - File not found
O2 - BHO: (no name) - Disabled:{02478D38-C3F9-4efb-9B51-7695ECA05670} - File not found
O2 - BHO: (no name) - Disabled:{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{A2F122DA-055F-4df7-8F24-7354DBDBA85B} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - Disabled:{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BDRegion] c:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe (HH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmartRAM] C:\Program Files (x86)\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - Reg Error: Value error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.60.108.5 64.13.115.12
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\TSpkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\TSpkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\StarCraft (Windows).exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


========== Files/Folders - Created Within 30 Days ==========

[2010/08/24 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/08/24 15:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010/08/24 15:03:00 | 000,563,288 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/08/24 15:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/08/24 04:08:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2010/08/22 20:01:37 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010/08/18 01:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010/08/16 23:13:37 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\mIRC
[2010/08/16 23:13:37 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\mIRC
[2010/08/16 22:15:57 | 000,000,000 | ---D | C] -- C:\Users\Louis\Desktop\gmer
[2010/08/12 14:01:03 | 000,000,000 | ---D | C] -- C:\f65f9eaac4f7676a32352ca572d94f
[2010/08/12 10:18:58 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/12 10:10:30 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 10:10:29 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/12 10:10:29 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/12 10:10:05 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 10:10:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 10:10:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 10:10:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 10:10:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 10:10:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/12 10:09:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 10:09:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/10 11:39:13 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/08/10 11:39:13 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/08/10 11:39:13 | 000,122,904 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/08/10 11:39:13 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/08/10 11:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010/08/10 11:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL 1.1 SDK
[2010/08/08 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010/08/07 03:04:48 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\vlc
[2010/08/04 23:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010/08/04 23:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/08/04 23:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/08/04 23:28:00 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/08/04 23:28:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/08/04 23:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/08/04 23:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010/08/04 23:21:40 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Local\Microsoft Help
[2010/08/04 23:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010/08/04 23:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/08/04 23:21:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/08/04 23:17:37 | 000,000,000 | ---D | C] -- C:\Users\Louis\Tracing
[2010/08/04 23:16:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office Communicator
[2010/08/04 14:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010/08/02 11:43:38 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Roaming\IDM
[2010/08/02 11:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2010/08/01 23:09:22 | 000,025,136 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\Acceler.sys
[2010/08/01 23:09:22 | 000,019,504 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdflt.sys
[2010/08/01 23:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STMicroelectronics
[2010/08/01 01:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2010/08/01 00:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/08/01 00:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/08/01 00:33:58 | 000,000,000 | ---D | C] -- C:\Users\Louis\AppData\Local\NOS
[2010/08/01 00:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/07/31 20:43:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/29 22:45:18 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/07/29 16:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/07/29 16:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/07/29 15:20:10 | 000,000,000 | ---D | C] -- C:\ATI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/24 16:16:47 | 008,650,752 | ---- | M] () -- C:\Users\Louis\ntuser.dat
[2010/08/24 16:15:50 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/08/24 16:15:50 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/08/24 16:08:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/24 16:08:04 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/24 16:00:56 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/24 16:00:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/24 16:00:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/24 16:00:33 | 2138,423,295 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/24 15:39:34 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/08/24 15:03:00 | 000,563,288 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/08/24 14:57:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/24 14:29:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/08/24 03:56:59 | 001,564,672 | ---- | M] () -- C:\Users\Louis\Documents\Tasks.accdb
[2010/08/24 03:56:19 | 000,579,994 | ---- | M] () -- C:\Users\Louis\Documents\Tasks.accdt
[2010/08/24 03:08:52 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/08/23 00:43:23 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/18 18:00:54 | 000,009,974 | ---- | M] () -- C:\Users\Louis\Documents\Steroids.docx
[2010/08/16 23:13:37 | 000,000,629 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/08/16 23:11:46 | 848,460,332 | ---- | M] () -- C:\Users\Louis\Desktop\The Expendables TS XViD - IMAGiNE.avi
[2010/08/16 16:58:39 | 000,416,811 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/08/15 22:08:09 | 000,752,588 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/15 22:08:09 | 000,632,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/15 22:08:09 | 000,110,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/14 15:22:15 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000002.regtrans-ms
[2010/08/14 15:22:15 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000001.regtrans-ms
[2010/08/14 15:22:15 | 000,065,536 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TM.blf
[2010/08/13 17:36:13 | 000,007,608 | ---- | M] () -- C:\Users\Louis\AppData\Local\Resmon.ResmonCfg
[2010/08/12 14:20:23 | 000,446,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/11 11:55:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/08/10 11:39:13 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/08/10 11:39:13 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/08/10 11:39:13 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/08/10 11:39:13 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/08/10 10:11:42 | 000,010,012 | ---- | M] () -- C:\Users\Louis\Documents\advantage.docx
[2010/08/09 19:57:19 | 000,171,122 | ---- | M] () -- C:\Users\Louis\Documents\CIS 9123.docx
[2010/08/08 21:32:42 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/08/08 16:04:06 | 000,415,769 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100816-165839.backup
[2010/08/07 04:38:15 | 000,050,869 | ---- | M] () -- C:\Users\Louis\Documents\7.1-7.3 Homework.docx
[2010/08/07 04:35:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/08/07 03:04:43 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/05 23:48:51 | 000,002,625 | ---- | M] () -- C:\Users\Louis\Desktop\Microsoft Office Access 2007.lnk
[2010/08/05 11:49:31 | 000,117,688 | ---- | M] () -- C:\Users\Louis\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/04 23:52:25 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/08/04 23:17:32 | 000,002,607 | ---- | M] () -- C:\Users\Louis\Desktop\Microsoft Office Communicator 2007.lnk
[2010/08/04 14:26:47 | 000,000,859 | ---- | M] () -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/04 14:26:47 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/08/03 21:04:46 | 000,000,632 | RHS- | M] () -- C:\Users\Louis\ntuser.pol
[2010/08/01 01:59:49 | 000,001,119 | ---- | M] () -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.net.lnk
[2010/08/01 01:59:49 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.net.lnk
[2010/08/01 00:40:42 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000002.regtrans-ms
[2010/08/01 00:40:42 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000001.regtrans-ms
[2010/08/01 00:40:42 | 000,065,536 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TM.blf
[2010/07/31 20:16:24 | 000,001,266 | ---- | M] () -- C:\Users\Louis\Desktop\Revo Uninstaller.lnk
[2010/07/31 19:33:38 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/07/31 10:41:54 | 000,000,221 | ---- | M] () -- C:\Users\Louis\Desktop\Race Driver GRID.url
[2010/07/29 22:41:09 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000002.regtrans-ms
[2010/07/29 22:41:09 | 000,524,288 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000001.regtrans-ms
[2010/07/29 22:41:09 | 000,065,536 | -HS- | M] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TM.blf
[2010/07/28 23:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/07/28 10:26:58 | 000,415,769 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100808-160406.backup
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/24 15:04:17 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/08/24 15:04:17 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/08/24 03:56:19 | 000,579,994 | ---- | C] () -- C:\Users\Louis\Documents\Tasks.accdt
[2010/08/24 03:56:16 | 001,564,672 | ---- | C] () -- C:\Users\Louis\Documents\Tasks.accdb
[2010/08/24 03:08:52 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/08/21 10:31:26 | 848,460,332 | ---- | C] () -- C:\Users\Louis\Desktop\The Expendables TS XViD - IMAGiNE.avi
[2010/08/18 18:00:53 | 000,009,974 | ---- | C] () -- C:\Users\Louis\Documents\Steroids.docx
[2010/08/16 23:13:37 | 000,000,629 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010/08/14 15:19:31 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000002.regtrans-ms
[2010/08/14 15:19:31 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TMContainer00000000000000000001.regtrans-ms
[2010/08/14 15:19:31 | 000,065,536 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{9b101e6d-a739-11df-bf08-dd9c59c1d039}.TM.blf
[2010/08/11 11:55:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/08/10 10:11:42 | 000,010,012 | ---- | C] () -- C:\Users\Louis\Documents\advantage.docx
[2010/08/09 19:59:17 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/09 16:57:54 | 000,171,122 | ---- | C] () -- C:\Users\Louis\Documents\CIS 9123.docx
[2010/08/08 21:32:42 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/08/07 04:35:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/08/07 03:04:43 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/06 01:14:04 | 000,050,869 | ---- | C] () -- C:\Users\Louis\Documents\7.1-7.3 Homework.docx
[2010/08/04 23:32:53 | 000,002,625 | ---- | C] () -- C:\Users\Louis\Desktop\Microsoft Office Access 2007.lnk
[2010/08/04 23:17:32 | 000,002,607 | ---- | C] () -- C:\Users\Louis\Desktop\Microsoft Office Communicator 2007.lnk
[2010/08/04 14:26:47 | 000,000,859 | ---- | C] () -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/08/04 14:26:47 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/08/03 18:17:42 | 000,000,632 | RHS- | C] () -- C:\Users\Louis\ntuser.pol
[2010/08/01 01:59:49 | 000,001,119 | ---- | C] () -- C:\Users\Louis\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.net.lnk
[2010/08/01 01:59:49 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.net.lnk
[2010/08/01 00:28:19 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000002.regtrans-ms
[2010/08/01 00:28:19 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TMContainer00000000000000000001.regtrans-ms
[2010/08/01 00:28:19 | 000,065,536 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{f5c2b1e9-9d3b-11df-84ff-eb09854cbe82}.TM.blf
[2010/07/31 20:16:24 | 000,001,266 | ---- | C] () -- C:\Users\Louis\Desktop\Revo Uninstaller.lnk
[2010/07/31 10:41:54 | 000,000,221 | ---- | C] () -- C:\Users\Louis\Desktop\Race Driver GRID.url
[2010/07/29 22:39:28 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000002.regtrans-ms
[2010/07/29 22:39:28 | 000,524,288 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TMContainer00000000000000000001.regtrans-ms
[2010/07/29 22:39:28 | 000,065,536 | -HS- | C] () -- C:\Users\Louis\ntuser.dat{89ecca70-9b93-11df-b658-d023ec2fbc35}.TM.blf
[2010/07/12 08:45:52 | 000,000,080 | RHS- | C] () -- C:\Windows\SysWow64\63A3DFB94E.dll
[2010/07/03 20:45:59 | 000,000,093 | ---- | C] () -- C:\Users\Louis\AppData\Local\fusioncache.dat
[2010/07/03 20:44:39 | 000,757,430 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/13 17:21:59 | 000,000,000 | ---- | C] () -- C:\Windows\iplayer.INI
[2010/04/20 16:50:45 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/04/02 15:50:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/22 22:04:55 | 000,034,816 | ---- | C] () -- C:\Users\Louis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/10 11:21:19 | 000,007,608 | ---- | C] () -- C:\Users\Louis\AppData\Local\Resmon.ResmonCfg
[2009/11/10 11:45:18 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/24 16:32:33 | 000,089,352 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009/06/24 16:31:45 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009/06/24 16:30:58 | 000,234,760 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2010/04/26 22:25:22 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\.dvdcss
[2010/04/06 21:22:52 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Auslogics
[2010/05/05 21:12:42 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Azureus
[2010/08/16 16:41:21 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Bioshock
[2010/05/31 21:53:02 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\BitZipper
[2010/04/24 03:22:00 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\DAEMON Tools Lite
[2010/08/24 15:02:24 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\DMCache
[2010/07/14 16:09:53 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/06/15 12:45:29 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\EBookSys
[2010/04/09 19:47:27 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\enchant
[2010/04/24 02:37:11 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\EurekaLog
[2010/02/16 14:27:10 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\FrostWire
[2010/02/16 16:09:19 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\GrabPro
[2010/07/31 21:41:44 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\HandBrake
[2010/03/12 18:37:24 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\ICQ
[2010/08/24 16:01:38 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\IDM
[2010/07/20 00:45:40 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\inkscape
[2010/04/06 19:45:25 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\IObit
[2010/06/18 17:02:04 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Leadertech
[2010/06/10 13:44:18 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\OpenOffice.org
[2010/08/04 14:26:54 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Opera
[2010/02/18 17:26:26 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Orbit
[2010/02/24 19:26:58 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Participatory Culture Foundation
[2010/04/25 19:22:54 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Pavtube
[2010/02/27 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\PCF-VLC
[2010/06/17 20:23:09 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\PrimoPDF
[2010/04/23 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Transparent
[2010/06/28 10:55:23 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\Ubisoft
[2010/08/24 15:43:35 | 000,000,000 | ---D | M] -- C:\Users\Louis\AppData\Roaming\uTorrent
[2010/04/26 22:40:56 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/04/02 23:31:11 | 000,000,892 | R--- | M] () -- C:\aaw7boot.log
[2010/08/24 16:00:33 | 2138,423,295 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/05 19:13:30 | 000,003,173 | RH-- | M] () -- C:\mfg.sdr
[2010/08/24 16:00:47 | 4282,888,191 | -HS- | M] () -- C:\pagefile.sys
[2010/08/24 04:08:48 | 000,135,554 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_24.08.2010_04.05.05_log.txt
[2010/08/24 14:24:11 | 000,068,236 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_24.08.2010_14.23.36_log.txt

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 18:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 182 bytes -> C:\ProgramData\Temp:8E3D07DE
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >

OTL Extras

OTL Extras logfile created on: 8/24/2010 4:22:11 PM - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Louis\Documents\Downloads\Programs
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 77.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 352.75 Gb Free Space | 78.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LOUIS-PC
Current User Name: Louis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0913-000001000000}" = 7-Zip 9.13 (x64 edition)
"{3159717A-8387-426C-96C4-D7B92EDA819A}" = Command Center
"{555E63EF-4EB5-43E5-BEEF-9E2CD7BCEFA2}" = Intel® Network Connections 14.4.1.0
"{70C636AA-EAC7-A832-8E77-98C89F2C3E1D}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DW WLAN Card" = DW WLAN Card
"Free Registry Defrag_is1" = Free Registry Defrag
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel® Network Connections 14.4.1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{19C90528-C383-8FA6-850A-62723FE1C839}" = Catalyst Control Center Graphics Full New
"{1BA86F1D-6C98-802C-DFC8-2340524451D5}" = CCC Help German
"{1C10D0D6-AF1A-48B8-9BF7-52A2BB014E0C}" = OpenAL 1.1 Core PC SDK (ver 3.05)
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1D3D33B3-3977-0088-0670-97318C2DA1E2}" = CCC Help Chinese Traditional
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{29FD9913-D778-587F-EF33-E07C36E13FA3}" = CCC Help Russian
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{36D5085C-ECC1-5465-9500-CCBB9945F185}" = CCC Help Spanish
"{3A499781-4087-302D-6666-4DA3052F8FBF}" = CCC Help Chinese Standard
"{3A672642-4962-6DE2-ECDC-C62A6C4249E7}" = CCC Help Korean
"{4A83263B-AF6E-935E-5820-8CE59367FF1F}" = CCC Help English
"{5035CEE3-5541-0AE6-D4B0-EE0539509991}" = Catalyst Control Center Graphics Full Existing
"{51420B24-8485-E6D5-D0D6-D509804C6563}" = CCC Help Japanese
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{575706E4-4E01-7FE1-12CB-B5DF23CD3556}" = Catalyst Control Center Graphics Previews Common
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5A907E98-A0CB-79A3-2E82-53D3D6CAB849}" = Catalyst Control Center Localization All
"{5BA463E1-06EC-56C8-21EB-6CC36C542F35}" = CCC Help Norwegian
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{7622213E-CA10-807A-0910-195B1D630441}" = CCC Help Portuguese
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77D6CF9E-4A05-9C49-5C17-5F59554B2341}" = ccc-core-static
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90BC5F99-9172-43B1-805F-77BCC800CAB7}" = Opera 10.60
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A52D2DA-3B86-3A7A-E23B-0A76E169D3F1}" = CCC Help Dutch
"{9E1B11AE-9D96-F43E-21F7-77D281E1ED60}" = CCC Help Swedish
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A942EFAE-E1BF-1E89-65FA-D14B04903816}" = CCC Help Finnish
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CDD09C51-45F7-94D8-6CFC-2BCA0AC3D636}" = Catalyst Control Center Core Implementation
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{D0097E78-F6D1-D375-1735-9614CBD00118}" = Catalyst Control Center Graphics Previews Vista
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DEE3C2EC-46D7-C3A3-4D1F-37D30B369855}" = CCC Help Italian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50B2091-FBE1-B906-6762-C11CBB622DF9}" = CCC Help Danish
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{e74ff87d-288c-410e-a9f3-f46f23afe7ef}" = Nero 9 Essentials
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F443ABFC-AEE6-EA31-B1F2-78431549C43E}" = Catalyst Control Center InstallProxy
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help
"{FA68526E-2769-C0A2-260A-D77EB7505003}" = CCC Help French
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FFE0BC2D-54F6-4BEF-202B-F471D893DD9E}" = Catalyst Control Center Graphics Light
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AoA DVD Copy_is1" = AoA DVD Copy
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CCleaner" = CCleaner
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1C10D0D6-AF1A-48B8-9BF7-52A2BB014E0C}" = OpenAL 1.1 Core PC SDK (ver 3.05)
"InstallShield_{3159717A-8387-426C-96C4-D7B92EDA819A}" = Command Center
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Internet Download Manager" = Internet Download Manager
"mIRC" = mIRC
"OpenAL" = OpenAL
"PokerStars.net" = PokerStars.net
"Revo Uninstaller" = Revo Uninstaller 1.89
"Speccy" = Speccy
"Steam App 11450" = Overlord
"Steam App 12750" = GRID
"Steam App 15100" = Assassin's Creed
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 7670" = BioShock
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.2
"WordWeb" = WordWeb

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Sorry if I was supposed to add those as zip files. I can do that if you wish.

#4 kahdah

  • Security Colleague
  • 11,138 posts
  • Gender:Male
  • Location:Florida

Posted 25 August 2010 - 06:18 AM

You are welcome :)

With all of those problems that you describe, it could be some hardware failing, but I am not sure about this yet without further testing.
I would like to start with a hard drive test.
You will need to know the manufacturer's name of the hard drive you have installed.
To get that, go to Start, then Computer, then right-click on the C:\ drive and choose Properties.
Then click on the Hardware tab.

Then you can write down what you see there under Disk Drives and post that info here for me to see; then I will be able to help you further.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#5 absinthe

Posted 25 August 2010 - 11:09 AM

Hey Kayduh, thank you for your help. The drive is a ST9500420AS; that is what it said under Disk Drives on the Hardware tab. Once again, thank you.

#6 kahdah

Posted 25 August 2010 - 12:48 PM

Hi, visit this webpage and download SeaTools for Windows.
http://www.seagate.com/ww/v/index.jsp?loca...000dd04090aRCRD
Click on Download Now and accept the agreement, then download SeaTools, install it, and then run the extended test.
Let me know the results.

#7 absinthe

Posted 25 August 2010 - 11:00 PM

OK, there was no extended test, so I ran all the basic tests and all of them passed. Then I tried to click the Advanced tab and was unable to do the advanced test; it said unavailable. Sorry if I misunderstood your instructions, and thank you for helping me.

#8 kahdah

Posted 26 August 2010 - 06:34 AM

No, that is fine; they change the program periodically.
If it passed then that is good.

Let's do a memory test then, please.
Do you have a floppy drive? (probably not)
This test requires some removable media to make a bootable diskette, but if you have a flash drive then that should work as well.
Do you have a flash drive that you could use as well?
If so, go here > http://www.memtest86.com/download.html and download the version of Memtest that says it can run on 4+ gigs of memory.
It will be version 3.4a. Then plug in the flash drive and follow the directions in the readme file that is included in the .zip for creation of the bootable disk.
Run that test and let me know if there are any red marks that show up.

#9 absinthe

Posted 26 August 2010 - 10:59 AM

Unfortunately I do not have a flash drive. Sorry, lame I know. Are there any alternatives?

#10 kahdah

Posted 26 August 2010 - 01:38 PM

You can try to do it with a CD; I don't know if it will work or not.

#11 absinthe

Posted 26 August 2010 - 02:47 PM

OK, will have to wait until I get paid. Will buy one on the 1st; seeing as I have some bills due now, will have to wait. Then will run the test. Thank you for your help. Is there anything else that I can do in the meantime, or are we blocked until then? Thank you again.

Edited by absinthe, 26 August 2010 - 02:48 PM.


#12 kahdah

Posted 27 August 2010 - 06:06 AM

OK, well, I wouldn't worry with it until then.
It is only a test to check the memory to rule it out.
Do you have any bluescreens or anything like that?

What is the driver name that keeps wanting to install?
Or device name rather?

Does Kaspersky run fine in normal mode?

#13 absinthe

Posted 27 August 2010 - 06:00 PM

No bluescreen (thank god), but the device driver looks like this (snip.png attachment). I have no idea why fastcap video keeps needing to be fixed. Every time I turn around it says that it needs to be fixed. But I think that when I downloaded the Crysis summer pack from Steam (Crysis, Crysis Warhead, Crysis Wars), Crysis would not run on my machine at all. In fact it still does not run. I downloaded the patches for the game, but alas all was to no avail. Warhead works. I think that the patch was a video driver, seeing as the video DirectX would not load.

And what is normal mode for Kaspersky? I do not know how to change the modes. Sorry.

Thank you Kahdah

P.S. Sorry it took so long to get back to you; work was hectic today and I had to pull the starter in my car.

Attached file: Snip.PNG (118.78KB)


#14 kahdah

Posted 27 August 2010 - 06:17 PM

OK, no worries.

I meant in normal mode Windows, as you said earlier that it will lock up in Safe Mode (Kaspersky).
OK, do the following please so I can correctly identify the driver.

Go to the Windows 7 Start button, then type in devmgmt.msc and click on it when it appears.
Then look down for any different marks.
It may say Unknown devices; click on the arrow beside it and tell me what it says.


#15 absinthe

Posted 28 August 2010 - 01:13 AM

Here is what I saw... What should I do? I think that it is already disabled. Should I uninstall and see what happens? Or is there a way to figure out what it is?
