
System lag/hiccups



#1 TrendyGuy


Posted 15 October 2010 - 09:42 PM

Hello all,

I am having a problem with some system lag or hiccups. If this is not the right forum to post this, I am sorry in advance and please move it to the appropriate place. I noticed it while playing Lord of the Rings Online for the first time the other day. Around every 20 seconds or so the game will just completely freeze up for a second or two and then pick up again like nothing happened. I haven't really noticed any difference in normal use, but this computer is used for nothing else other than gaming; I barely even look at websites on it. I first tried looking for any background programs running, because it is so rhythmic it seemed like some program doing something. I then tried doing a full defrag with O&O, which did not help. I also downloaded a program called Game Booster 2, which closes down any not needed background programs and services; this also did not work.

I really don't know what else to do now other than reinstalling the game, which is what I am going to try when the install files are finished downloading. I ran HijackThis and the log looks a little weird since there are a bunch of missing files, which I don't really understand. I don't see how to attach files on this forum, so I am putting the HijackThis log and my DxDiag in code boxes below.

I appreciate any help and/or advice. Thank you in advance!

CODE
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:09 PM, on 10/15/2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Users\Rob\Downloads\lotrohigh.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Rob\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7494 bytes


CODE
------------------
System Information
------------------
Time of this report: 10/15/2010, 22:25:23
       Machine name: ROB-PC
   Operating System: Windows 7 Ultimate 64-bit (6.1, Build 7600) (7600.win7_gdr.100618-1621)
           Language: English (Regional Setting: English)
System Manufacturer: NVIDIA
       System Model: 122-CK-NF68
               BIOS: Phoenix - AwardBIOS v6.00PG
          Processor: Intel® Core(tm)2 CPU          6600  @ 2.40GHz (2 CPUs), ~3.0GHz
             Memory: 4096MB RAM
Available OS Memory: 4094MB RAM
          Page File: 1315MB used, 6871MB available
        Windows Dir: C:\Windows
    DirectX Version: DirectX 11
DX Setup Parameters: Not found
   User DPI Setting: Using System DPI
System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
     DxDiag Version: 6.01.7600.16385 64bit Unicode

------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
        Sound Tab 1: No problems found.
        Sound Tab 2: No problems found.
        Sound Tab 3: No problems found.
          Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)

---------------
Display Devices
---------------
          Card name: NVIDIA GeForce 8800 GTX
       Manufacturer: NVIDIA
          Chip type: GeForce 8800 GTX
           DAC type: Integrated RAMDAC
         Device Key: Enum\PCI\VEN_10DE&DEV_0191&SUBSYS_C8313842&REV_A2
     Display Memory: 2530 MB
   Dedicated Memory: 739 MB
      Shared Memory: 1791 MB
       Current Mode: 1680 x 1050 (32 bit) (59Hz)
       Monitor Name: Generic PnP Monitor
      Monitor Model: VX2025wm
         Monitor Id: VSCE51D
        Native Mode: 1680 x 1050(p) (59.954Hz)
        Output Type: DVI
        Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
Driver File Version: 8.17.0012.5896 (English)
     Driver Version: 8.17.12.5896
        DDI Version: 10
       Driver Model: WDDM 1.1
  Driver Attributes: Final Retail
   Driver Date/Size: 7/9/2010 18:38:00, 12471400 bytes
        WHQL Logo'd: Yes
    WHQL Date Stamp:
  Device Identifier: {D7B71E3E-42D1-11CF-FA4C-3DE81CC2C535}
          Vendor ID: 0x10DE
          Device ID: 0x0191
          SubSys ID: 0xC8313842
        Revision ID: 0x00A2
Driver Strong Name: oem6.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section003:8.17.12.5896:pci\ven_10de&dev_0191
     Rank Of Driver: 00E62001
        Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_B ModeWMV9_B ModeVC1_A ModeWMV9_A
       D3D9 Overlay: Supported
            DXVA-HD: Supported
       DDraw Status: Enabled
         D3D Status: Enabled
         AGP Status: Enabled

-------------
Sound Devices
-------------
            Description: Speakers (High Definition Audio Device)
Default Sound Playback: Yes
Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_10ECE601&REV_1001
        Manufacturer ID: 1
             Product ID: 65535
                   Type: WDM
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
            Other Files:
        Driver Provider: Microsoft
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Digital Audio (S/PDIF) (High Definition Audio Device)
Default Sound Playback: No
Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_10ECE601&REV_1001
        Manufacturer ID: 1
             Product ID: 65535
                   Type: WDM
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
            Other Files:
        Driver Provider: Microsoft
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Headset Earphone (Plantronics Headset)
Default Sound Playback: No
Default Voice Playback: Yes
            Hardware ID: USB\VID_047F&PID_0CA1&REV_0004&MI_00
        Manufacturer ID: 65535
             Product ID: 65535
                   Type: WDM
            Driver Name: USBAUDIO.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: Yes
          Date and Size: 7/13/2009 20:06:32, 109568 bytes
            Other Files:
        Driver Provider: Microsoft
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
            Description: Microphone (High Definition Audio Device)
  Default Sound Capture: Yes
  Default Voice Capture: No
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Line In (High Definition Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Line In (High Definition Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Digital Audio (S/PDIF) (High Definition Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Headset Microphone (Plantronics Headset)
  Default Sound Capture: No
  Default Voice Capture: Yes
            Driver Name: USBAUDIO.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:06:32, 109568 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Microphone (High Definition Audio Device)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: HdAudio.sys
         Driver Version: 6.01.7600.16385 (English)
      Driver Attributes: Final Retail
          Date and Size: 7/13/2009 20:07:00, 350208 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
      Device Name: Mouse
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: Keyboard
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: WingMan Extreme Digital 3D
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC212
        FF Driver: n/a

      Device Name: Logitech Illuminated Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC318
        FF Driver: n/a

      Device Name: Logitech Illuminated Keyboard
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC318
        FF Driver: n/a

      Device Name: Plantronics Headset
         Attached: 1
    Controller ID: 0x0
Vendor/Product ID: 0x047F, 0x0CA1
        FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x10DE, 0x036C
| Matching Device ID: usb\root_hub
| Service: usbhub
| Driver: usbhub.sys, 10/24/2009 00:28:24, 343040 bytes
| Driver: usbd.sys, 7/13/2009 20:06:23, 7936 bytes
|
+-+ USB Input Device
| | Vendor/Product ID: 0x046D, 0xC01E
| | Location: Port_#0005.Hub_#0001
| | Matching Device ID: generic_hid_device
| | Service: HidUsb
| | Driver: hidusb.sys, 7/13/2009 20:06:22, 30208 bytes
| | Driver: hidclass.sys, 7/13/2009 20:06:21, 76288 bytes
| | Driver: hidparse.sys, 7/13/2009 20:06:17, 32896 bytes
| |
| +-+ HID-compliant mouse
| | | Vendor/Product ID: 0x046D, 0xC01E
| | | Matching Device ID: hid_device_system_mouse
| | | Service: mouhid
| | | Driver: mouhid.sys, 7/13/2009 20:00:20, 31232 bytes
| | | Driver: mouclass.sys, 7/13/2009 21:48:27, 49216 bytes
| |
+-+ USB Input Device
| | Vendor/Product ID: 0x046D, 0xC212
| | Location: Port_#0004.Hub_#0001
| | Matching Device ID: generic_hid_device
| | Service: HidUsb
| | OEMData: 03 00 08 10 07 00 00 00
| | Driver: hidusb.sys, 7/13/2009 20:06:22, 30208 bytes
| | Driver: hidclass.sys, 7/13/2009 20:06:21, 76288 bytes
| | Driver: hidparse.sys, 7/13/2009 20:06:17, 32896 bytes
| |
| +-+ HID-compliant game controller
| | | Vendor/Product ID: 0x046D, 0xC212
| | | Matching Device ID: hid_device_system_game
| | | OEMData: 03 00 08 10 07 00 00 00

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ HID Keyboard Device
| Vendor/Product ID: 0x046D, 0xC318
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
| Driver: kbdhid.sys, 7/13/2009 20:00:20, 33280 bytes
| Driver: kbdclass.sys, 7/13/2009 21:48:04, 50768 bytes
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| Driver: i8042prt.sys, 7/13/2009 19:19:57, 105472 bytes
| Driver: kbdclass.sys, 7/13/2009 21:48:04, 50768 bytes
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
| Driver: termdd.sys, 7/13/2009 21:45:55, 62544 bytes
| Driver: sermouse.sys, 7/13/2009 20:00:20, 26624 bytes
| Driver: mouclass.sys, 7/13/2009 21:48:27, 49216 bytes

------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
Free Space: 155.4 GB
Total Space: 276.2 GB
File System: NTFS
      Model: NVIDIA  STRIPE   279.47G

      Drive: G:
Free Space: 5.8 GB
Total Space: 10.0 GB
File System: NTFS
      Model: NVIDIA  STRIPE   279.47G

      Drive: F:
      Model: CLEPURI O56ZGT6 SCSI CdRom Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), 7/13/2009 19:19:54, 147456 bytes

      Drive: D:
      Model: SONY DVD-ROM DDU1615 ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), 7/13/2009 19:19:54, 147456 bytes

      Drive: E:
      Model: TSSTcorp CD/DVDW SH-S182D ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), 7/13/2009 19:19:54, 147456 bytes

--------------
System Devices
--------------
     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03BC&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&11
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B1&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&0C
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03A9&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&03
   Driver: n/a

     Name: High Definition Audio Controller
Device ID: PCI\VEN_10DE&DEV_0371&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&79
   Driver: C:\Windows\system32\DRIVERS\hdaudbus.sys, 6.01.7600.16385 (English), 7/13/2009 20:06:13, 122368 bytes

     Name: NVIDIA GeForce 8800 GTX
Device ID: PCI\VEN_10DE&DEV_0191&SUBSYS_C8313842&REV_A2\4&6BB9499&0&0018
   Driver: C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 189032 bytes
   Driver: C:\Program Files\NVIDIA Corporation\Drs\nvdrsdb.bin, 7/9/2010 18:38:00, 261268 bytes
   Driver: C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_e3981c6eee5931b7\NvCplSetupEng.exe, 14.00.0000.0162 (English), 7/9/2010 18:38:00, 23969016 bytes
   Driver: C:\Windows\system32\DRIVERS\nvBridge.kmd, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 11240 bytes
   Driver: C:\Windows\system32\DRIVERS\nvlddmkm.sys, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 13187176 bytes
   Driver: C:\Windows\system32\OpenCL.dll, 1.00.0000.0000 (English), 7/9/2010 18:38:00, 65128 bytes
   Driver: C:\Windows\system32\dpinst.exe, 2.00.0001.0000 (English), 11/11/2009 09:22:30, 845736 bytes
   Driver: C:\Windows\system32\nvapi64.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 2037864 bytes
   Driver: C:\Windows\system32\nvcompiler.dll, 6.14.0012.5896 (English), 7/9/2010 18:38:00, 14513768 bytes
   Driver: C:\Windows\system32\nvcuda.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 6116968 bytes
   Driver: C:\Windows\system32\nvcuvenc.dll, 6.14.0012.5896 (English), 7/9/2010 18:38:00, 2761832 bytes
   Driver: C:\Windows\system32\nvcuvid.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 3089512 bytes
   Driver: C:\Windows\system32\nvd3dumx.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 12471400 bytes
   Driver: C:\Windows\system32\nvdecodemft.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 382568 bytes
   Driver: C:\Windows\system32\nvinfo.pb, 7/9/2010 18:38:00, 12264 bytes
   Driver: C:\Windows\system32\nvoglv64.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 19114088 bytes
   Driver: C:\Windows\system32\nvwgf2umx.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 7002216 bytes
   Driver: C:\Windows\SysWow64\OpenCL.dll, 1.00.0000.0000 (English), 7/9/2010 18:38:00, 56936 bytes
   Driver: C:\Windows\SysWow64\nvapi.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 1625192 bytes
   Driver: C:\Windows\SysWow64\nvcompiler.dll, 6.14.0012.5896 (English), 7/9/2010 18:38:00, 10267240 bytes
   Driver: C:\Windows\SysWow64\nvcuda.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 4553832 bytes
   Driver: C:\Windows\SysWow64\nvcuvenc.dll, 6.14.0012.5896 (English), 7/9/2010 18:38:00, 2506344 bytes
   Driver: C:\Windows\SysWow64\nvcuvid.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 2892904 bytes
   Driver: C:\Windows\SysWow64\nvd3dum.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 9818728 bytes
   Driver: C:\Windows\SysWow64\nvdecodemft.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 314984 bytes
   Driver: C:\Windows\SysWow64\nvoglv32.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 14092904 bytes
   Driver: C:\Windows\SysWow64\nvwgf2um.dll, 8.17.0012.5896 (English), 7/9/2010 18:38:00, 5107816 bytes
   Driver: C:\Program Files\NVIDIA Corporation\Uninstall\nvdisp.nvu, 7/9/2010 18:38:00, 24011 bytes
   Driver: C:\Program Files\NVIDIA Corporation\Uninstall\nvudisp.exe, 1.10.0062.0040 (English), 7/9/2010 18:38:00, 660072 bytes
   Driver: C:\Windows\system32\nvcod.dll, 1.09.0022.0107 (English), 7/9/2010 18:38:00, 260712 bytes
   Driver: C:\Windows\system32\nvcod1922.dll, 1.09.0022.0107 (English), 7/9/2010 18:38:00, 260712 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03BA&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&12
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B0&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&0B
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03A8&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&05
   Driver: n/a

     Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_10DE&DEV_0370&SUBSYS_CB8410DE&REV_A2\3&2411E6FE&1&78
   Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7600.16385 (English), 7/13/2009 21:45:45, 183872 bytes

     Name: Texas Instruments 1394 OHCI Compliant Host Controller
Device ID: PCI\VEN_104C&DEV_8023&SUBSYS_C55E10DE&REV_00\4&36AC3632&0&3878
   Driver: C:\Windows\system32\DRIVERS\1394ohci.sys, 6.01.7600.16385 (English), 7/13/2009 20:07:13, 227840 bytes

     Name: PCI Express standard Root Port
Device ID: PCI\VEN_10DE&DEV_03B7&SUBSYS_0C5510DE&REV_A1\3&2411E6FE&1&18
   Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7600.16385 (English), 7/13/2009 21:45:45, 183872 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AF&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&0A
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_10DE&DEV_03A1&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&00
   Driver: n/a

     Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_10DE&DEV_036E&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&68
   Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.01.7600.16385 (English), 7/13/2009 21:45:45, 12352 bytes
   Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.01.7600.16385 (English), 7/13/2009 21:45:46, 48720 bytes
   Driver: C:\Windows\system32\DRIVERS\atapi.sys, 6.01.7600.16385 (English), 7/13/2009 21:52:21, 24128 bytes
   Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.01.7600.16385 (English), 7/13/2009 21:52:21, 155728 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B6&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&10
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AE&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&09
   Driver: n/a

     Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_037F&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&72
   Driver: C:\Windows\system32\DRIVERS\nvstor64.sys, 11.01.0000.0033 (English), 8/4/2009 16:45:54, 241696 bytes
   Driver: C:\Windows\system32\nvraidco.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\nvraiins.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\NvRCoDa.dll, 11.01.0000.0033 (Danish), 8/4/2009 16:45:58, 18464 bytes
   Driver: C:\Windows\system32\NvRCoDe.dll, 11.01.0000.0033 (German), 8/4/2009 16:45:58, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEng.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoENU.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoEs.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:00, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEsm.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:02, 18976 bytes
   Driver: C:\Windows\system32\NvRCoFi.dll, 11.01.0000.0033 (Finnish), 8/4/2009 16:46:02, 18464 bytes
   Driver: C:\Windows\system32\NvRCoFr.dll, 11.01.0000.0033 (French), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoIt.dll, 11.01.0000.0033 (Italian), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoJa.dll, 11.01.0000.0033 (Japanese), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoKo.dll, 11.01.0000.0033 (Korean), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoNl.dll, 11.01.0000.0033 (Dutch), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoNo.dll, 11.01.0000.0033 (Norwegian (Bokmål)), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoPtb.dll, 11.01.0000.0033 (Portuguese), 8/4/2009 16:46:10, 18976 bytes
   Driver: C:\Windows\system32\NvRCoRu.dll, 11.01.0000.0033 (Russian), 8/4/2009 16:46:10, 18464 bytes
   Driver: C:\Windows\system32\NvRCoSv.dll, 11.01.0000.0033 (Swedish), 8/4/2009 16:46:12, 18464 bytes
   Driver: C:\Windows\system32\NvRCoZhc.dll, 11.01.0000.0033 (Chinese (Simplified)), 8/4/2009 16:46:12, 15904 bytes
   Driver: C:\Windows\system32\NvRCoZht.dll, 11.01.0000.0033 (Chinese (Traditional)), 8/4/2009 16:46:12, 15904 bytes

     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_10DE&DEV_036D&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&59
   Driver: C:\Windows\system32\drivers\usbehci.sys, 6.01.7600.16445 (English), 10/24/2009 00:27:33, 51712 bytes
   Driver: C:\Windows\system32\drivers\usbport.sys, 6.01.7600.16385 (English), 7/13/2009 20:06:31, 324608 bytes
   Driver: C:\Windows\system32\drivers\usbhub.sys, 6.01.7600.16445 (English), 10/24/2009 00:28:24, 343040 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B5&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&06
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AD&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&08
   Driver: n/a

     Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_037F&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&71
   Driver: C:\Windows\system32\DRIVERS\nvstor64.sys, 11.01.0000.0033 (English), 8/4/2009 16:45:54, 241696 bytes
   Driver: C:\Windows\system32\nvraidco.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\nvraiins.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\NvRCoDa.dll, 11.01.0000.0033 (Danish), 8/4/2009 16:45:58, 18464 bytes
   Driver: C:\Windows\system32\NvRCoDe.dll, 11.01.0000.0033 (German), 8/4/2009 16:45:58, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEng.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoENU.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoEs.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:00, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEsm.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:02, 18976 bytes
   Driver: C:\Windows\system32\NvRCoFi.dll, 11.01.0000.0033 (Finnish), 8/4/2009 16:46:02, 18464 bytes
   Driver: C:\Windows\system32\NvRCoFr.dll, 11.01.0000.0033 (French), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoIt.dll, 11.01.0000.0033 (Italian), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoJa.dll, 11.01.0000.0033 (Japanese), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoKo.dll, 11.01.0000.0033 (Korean), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoNl.dll, 11.01.0000.0033 (Dutch), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoNo.dll, 11.01.0000.0033 (Norwegian (Bokmål)), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoPtb.dll, 11.01.0000.0033 (Portuguese), 8/4/2009 16:46:10, 18976 bytes
   Driver: C:\Windows\system32\NvRCoRu.dll, 11.01.0000.0033 (Russian), 8/4/2009 16:46:10, 18464 bytes
   Driver: C:\Windows\system32\NvRCoSv.dll, 11.01.0000.0033 (Swedish), 8/4/2009 16:46:12, 18464 bytes
   Driver: C:\Windows\system32\NvRCoZhc.dll, 11.01.0000.0033 (Chinese (Simplified)), 8/4/2009 16:46:12, 15904 bytes
   Driver: C:\Windows\system32\NvRCoZht.dll, 11.01.0000.0033 (Chinese (Traditional)), 8/4/2009 16:46:12, 15904 bytes

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_10DE&DEV_036C&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&58
   Driver: C:\Windows\system32\drivers\usbohci.sys, 6.01.7600.16385 (English), 7/13/2009 20:06:30, 25600 bytes
   Driver: C:\Windows\system32\drivers\usbport.sys, 6.01.7600.16385 (English), 7/13/2009 20:06:31, 324608 bytes
   Driver: C:\Windows\system32\drivers\usbhub.sys, 6.01.7600.16445 (English), 10/24/2009 00:28:24, 343040 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B4&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&07
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AC&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&01
   Driver: n/a

     Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_037F&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&70
   Driver: C:\Windows\system32\DRIVERS\nvstor64.sys, 11.01.0000.0033 (English), 8/4/2009 16:45:54, 241696 bytes
   Driver: C:\Windows\system32\nvraidco.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\nvraiins.dll, 11.01.0000.0033 (English), 8/4/2009 16:45:56, 402976 bytes
   Driver: C:\Windows\system32\NvRCoDa.dll, 11.01.0000.0033 (Danish), 8/4/2009 16:45:58, 18464 bytes
   Driver: C:\Windows\system32\NvRCoDe.dll, 11.01.0000.0033 (German), 8/4/2009 16:45:58, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEng.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoENU.dll, 11.01.0000.0033 (English), 8/4/2009 16:46:00, 17952 bytes
   Driver: C:\Windows\system32\NvRCoEs.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:00, 18976 bytes
   Driver: C:\Windows\system32\NvRCoEsm.dll, 11.01.0000.0033 (Spanish), 8/4/2009 16:46:02, 18976 bytes
   Driver: C:\Windows\system32\NvRCoFi.dll, 11.01.0000.0033 (Finnish), 8/4/2009 16:46:02, 18464 bytes
   Driver: C:\Windows\system32\NvRCoFr.dll, 11.01.0000.0033 (French), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoIt.dll, 11.01.0000.0033 (Italian), 8/4/2009 16:46:04, 18976 bytes
   Driver: C:\Windows\system32\NvRCoJa.dll, 11.01.0000.0033 (Japanese), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoKo.dll, 11.01.0000.0033 (Korean), 8/4/2009 16:46:06, 16416 bytes
   Driver: C:\Windows\system32\NvRCoNl.dll, 11.01.0000.0033 (Dutch), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoNo.dll, 11.01.0000.0033 (Norwegian (Bokmål)), 8/4/2009 16:46:08, 18464 bytes
   Driver: C:\Windows\system32\NvRCoPtb.dll, 11.01.0000.0033 (Portuguese), 8/4/2009 16:46:10, 18976 bytes
   Driver: C:\Windows\system32\NvRCoRu.dll, 11.01.0000.0033 (Russian), 8/4/2009 16:46:10, 18464 bytes
   Driver: C:\Windows\system32\NvRCoSv.dll, 11.01.0000.0033 (Swedish), 8/4/2009 16:46:12, 18464 bytes
   Driver: C:\Windows\system32\NvRCoZhc.dll, 11.01.0000.0033 (Chinese (Simplified)), 8/4/2009 16:46:12, 15904 bytes
   Driver: C:\Windows\system32\NvRCoZht.dll, 11.01.0000.0033 (Chinese (Traditional)), 8/4/2009 16:46:12, 15904 bytes

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_0369&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&48
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B3&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&0E
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AB&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&04
   Driver: n/a

     Name: NVIDIA nForce 10/100/1000 Mbps Ethernet #2
Device ID: PCI\VEN_10DE&DEV_0373&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&90
   Driver: n/a

     Name: NVIDIA nForce PCI System Management
Device ID: PCI\VEN_10DE&DEV_0368&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&51
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03B2&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&0D
   Driver: n/a

     Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_03AA&SUBSYS_C55E10DE&REV_A1\3&2411E6FE&1&02
   Driver: n/a

     Name: NVIDIA nForce 10/100/1000 Mbps Ethernet
Device ID: PCI\VEN_10DE&DEV_0373&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&88
   Driver: n/a

     Name: PCI standard ISA bridge
Device ID: PCI\VEN_10DE&DEV_0360&SUBSYS_C55E10DE&REV_A2\3&2411E6FE&1&50
   Driver: C:\Windows\system32\DRIVERS\msisadrv.sys, 6.01.7600.16385 (English), 7/13/2009 21:48:27, 15424 bytes

------------------
DirectShow Filters
------------------

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7600.16385
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7600.16385
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7600.16385
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7600.16385
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7600.16385
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7600.16385
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7600.16490
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7600.16385
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7600.16385
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7600.16490
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7600.16490
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7600.16385
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7600.16590
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7600.16385
Microsoft TV Captions Decoder,0x00200001,1,0,MSTVCapn.dll,6.01.7600.16385
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
CBVA DMO wrapper filter,0x00200000,1,1,cbva.dll,6.01.7600.16385
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7600.16490
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7600.16590
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7600.16385
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7600.16385
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7600.16490
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7600.16385
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7600.16490
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7600.16385
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7600.16490
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7600.16385
Line 21 Decoder,0x00600000,1,1,,
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7600.16490
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7600.16490
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7600.16385
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7600.16385
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7600.16385
File writer,0x00200000,1,0,qcap.dll,6.06.7600.16385
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7600.16385
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7600.16385
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7600.16385
Microsoft TV Subtitles Decoder,0x00200001,1,0,MSTVCapn.dll,6.01.7600.16385
Overlay Mixer2,0x00200000,1,1,,
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7600.16385
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7600.16590
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7600.16385
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7600.16385
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7600.16385
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7600.16385
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7600.16385
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7600.16385
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7600.16385
Overlay Mixer,0x00200000,0,0,,
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
NetBridge,0x00200000,2,0,netbridge.dll,6.01.7600.16385
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7600.16490
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7600.16490
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7600.16385
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7600.16385
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7600.16490
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7600.16490
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7600.16490
Media Center Extender Encryption Filter,0x00200000,2,2,Mcx2Filter.dll,6.01.7600.16385
AudioRecorder WAV Dest,0x00200000,0,0,WavDest.dll,
AudioRecorder Wave Form,0x00200000,0,0,WavDest.dll,
SoundRecorder Null Renderer,0x00200000,0,0,WavDest.dll,
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7600.16385
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7600.16385
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7600.16385
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7600.16490

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7600.16385
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7600.16490

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
PCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7600.16490

Audio Capture Sources:
Microphone (High Definition Aud,0x00200000,0,0,qcap.dll,6.06.7600.16385
Digital Audio (S/PDIF) (High De,0x00200000,0,0,qcap.dll,6.06.7600.16385
Headset Microphone (Plantronics,0x00200000,0,0,qcap.dll,6.06.7600.16385
Line In (High Definition Audio ,0x00200000,0,0,qcap.dll,6.06.7600.16385

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7600.16590
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16590
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16590

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7600.16490

WDM Streaming Capture Devices:
HD Audio Mixed capture,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
HD Audio Digital in,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Plantronics Headset,0x00200000,2,2,ksproxy.ax,6.01.7600.16385

WDM Streaming Rendering Devices:
HD Audio Headphone/Speakers,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
HD Audio SPDIF out,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Plantronics Headset,0x00200000,2,2,ksproxy.ax,6.01.7600.16385

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7600.16590

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7600.16385
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7600.16385

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7600.16385
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7600.16385
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7600.16385
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7600.16385

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Audio Renderers:
Speakers (High Definition Audio,0x00200000,1,0,quartz.dll,6.06.7600.16490
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7600.16490
Digital Audio (S/PDIF) (High De,0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Digital Audio (S/PDIF) (High Definition Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Headset Earphone (Plantronics Headset),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Speakers (High Definition Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490
Headset Earphone (Plantronics H,0x00200000,1,0,quartz.dll,6.06.7600.16490

---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
  Quality Flags: 2576
    Enabled:
    Force throttling
    Allow half deinterlace
    Allow scaling
    Decode Power Usage: 100
  Balanced Flags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 50
  PowerFlags: 1424
    Enabled:
    Force throttling
    Allow batching
    Force half deinterlace
    Force scaling
    Decode Power Usage: 0

Edited by Blade Zephon, 16 October 2010 - 04:49 AM.
Moved to log forum and fixed formatting. ~BZ



 


#2 TrendyGuy

  • Topic Starter
  • Members
  • 38 posts

Posted 16 October 2010 - 02:15 PM

I got a suggestion from someone that my paging file may have needed to be defragged. So I switched it to a different volume, defragged, but it didn't do any good.



Please note: you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our MRT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

Orange Blossom

Edited by Orange Blossom, 16 October 2010 - 05:39 PM.


#3 Elise

    Bleepin' Blonde

  • Malware Study Hall Admin
  • 60,820 posts
  • Gender:Female
  • Location:Romania

Posted 26 October 2010 - 11:36 AM

Hello,
And welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note - you may get this warning; it is OK, just ignore it: "Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#4 TrendyGuy

  • Topic Starter
  • Members
  • 38 posts

Posted 27 October 2010 - 09:16 PM

I could not get Rootkit Unhooker to run on the system. I get the error "Error loading driver, NTSTATUS code: 0xC000036B". But the rest of the logs are below. Thanks for the help!




OTL logfile created on: 10/27/2010 10:05:19 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Rob\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 77.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 269.70 Gb Total Space | 140.34 Gb Free Space | 52.03% Space Free | Partition Type: NTFS
Drive G: | 9.76 Gb Total Space | 5.69 Gb Free Space | 58.27% Space Free | Partition Type: NTFS

Computer Name: ROB-PC | User Name: Rob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/27 22:04:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rob\Downloads\OTL.exe
PRC - [2010/10/12 02:37:00 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Users\Rob\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/10/08 01:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/04/23 09:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe


========== Modules (SafeList) ==========

MOD - [2010/10/27 22:04:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rob\Downloads\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/24 22:58:46 | 003,013,448 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV:64bit: - [2010/04/26 19:04:26 | 001,038,088 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/08 01:03:46 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/07/21 18:09:34 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/04/26 19:03:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/09/07 16:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/11/11 15:47:18 | 000,348,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/10/10 23:47:27 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/02/06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2010/10/15 18:02:56 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-592426344-2057482586-2944740404-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-592426344-2057482586-2944740404-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-592426344-2057482586-2944740404-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E 37 E8 BF 13 64 CB 01 [binary data]
IE - HKU\S-1-5-21-592426344-2057482586-2944740404-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}:2.2010.10.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 11:32:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 11:32:44 | 000,000,000 | ---D | M]

[2009/10/10 19:19:10 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\Mozilla\Extensions
[2010/10/17 19:38:45 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\kyxn4x4o.default\extensions
[2010/09/10 11:28:16 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\kyxn4x4o.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/15 18:13:47 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\kyxn4x4o.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2010/10/12 20:34:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/12 20:34:40 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/12 20:58:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/26 17:46:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/04/26 18:28:51 | 000,000,858 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKU\S-1-5-21-592426344-2057482586-2944740404-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-592426344-2057482586-2944740404-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e0a45a33-b618-11de-b3c3-00044b01d43d}\Shell - "" = AutoRun
O33 - MountPoints2\{e0a45a33-b618-11de-b3c3-00044b01d43d}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/19 19:05:47 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/10/19 19:05:47 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/10/15 22:00:51 | 000,000,000 | ---D | C] -- C:\Users\Rob\Desktop\LOTRO High Res Installer Files
[2010/10/15 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Local\PMB Files
[2010/10/15 22:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/10/15 22:00:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010/10/15 18:45:44 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Roaming\IObit
[2010/10/15 18:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2010/10/15 18:02:56 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2010/10/15 18:02:56 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Local\eSupport.com
[2010/10/13 22:56:54 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Local\José_Luis_Orihuela_Conde
[2010/10/13 22:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOTRO DefragSuite
[2010/10/13 13:57:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oodag
[2010/10/13 11:01:40 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Local\O&O
[2010/10/13 11:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2010/10/13 10:59:48 | 000,000,000 | ---D | C] -- C:\Users\Rob\AppData\Local\Downloaded Installations
[2010/10/13 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\Rob\Documents\O&O Defrag Professional 14.0.145 (32 & 64 bit) WITH KEY
[2010/10/13 10:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/10/13 10:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/10/12 22:50:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/10/12 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/10/04 18:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/27 22:03:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/27 22:03:14 | 3220,078,592 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/27 22:03:13 | 000,017,864 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010/10/24 20:16:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592426344-2057482586-2944740404-1001UA.job
[2010/10/24 19:02:53 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592426344-2057482586-2944740404-1001Core.job
[2010/10/23 10:06:38 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/23 10:06:38 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/23 10:05:44 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/23 10:05:44 | 000,632,708 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/23 10:05:44 | 000,110,342 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/19 20:50:54 | 000,007,612 | ---- | M] () -- C:\Users\Rob\AppData\Local\Resmon.ResmonCfg
[2010/10/15 18:45:44 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010/10/15 18:45:44 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 2.lnk
[2010/10/15 18:02:57 | 000,001,095 | ---- | M] () -- C:\Users\Rob\Desktop\Find Drivers with DriverAgent.lnk
[2010/10/15 18:02:56 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2010/10/14 20:19:15 | 003,825,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/13 11:00:19 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/10/13 10:39:14 | 000,001,258 | ---- | M] () -- C:\Users\Rob\Desktop\Spybot - Search & Destroy.lnk
[2010/10/08 04:47:00 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/10/08 04:47:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/10/08 04:47:00 | 000,007,261 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/18 18:11:01 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592426344-2057482586-2944740404-1001UA.job
[2010/10/18 18:11:00 | 000,000,848 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592426344-2057482586-2944740404-1001Core.job
[2010/10/15 18:45:44 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010/10/15 18:45:44 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 2.lnk
[2010/10/15 18:10:12 | 000,000,538 | ---- | C] () -- C:\Windows\SysNative\RegRaidSedona.bat
[2010/10/15 18:10:11 | 000,007,052 | ---- | C] () -- C:\Windows\SysNative\nvide.nvu
[2010/10/15 18:09:16 | 000,009,548 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2010/10/15 18:02:57 | 000,001,095 | ---- | C] () -- C:\Users\Rob\Desktop\Find Drivers with DriverAgent.lnk
[2010/10/14 20:18:36 | 000,017,864 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
[2010/10/13 11:00:19 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/10/13 10:39:14 | 000,001,258 | ---- | C] () -- C:\Users\Rob\Desktop\Spybot - Search & Destroy.lnk
[2010/10/13 08:28:45 | 000,007,612 | ---- | C] () -- C:\Users\Rob\AppData\Local\Resmon.ResmonCfg
[2010/03/30 18:10:56 | 000,000,151 | ---- | C] () -- C:\Windows\Sierra.ini
[2010/02/01 19:36:59 | 000,071,769 | ---- | C] () -- C:\Users\Rob\AppData\Roaming\icarus-dxdiag.xml
[2009/10/23 15:05:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/12 10:55:12 | 000,000,091 | ---- | C] () -- C:\Users\Rob\AppData\Local\fusioncache.dat
[2009/10/12 10:17:09 | 000,749,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/09/06 13:08:35 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\.minecraft
[2009/10/11 00:00:13 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\DAEMON Tools Lite
[2009/10/21 18:06:49 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\FOG Downloader
[2010/10/15 18:45:44 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\IObit
[2009/11/05 19:45:30 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\OpenOffice.org
[2009/10/14 09:43:24 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\SystemRequirementsLab
[2010/08/07 21:39:38 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\Turbine
[2010/03/28 12:32:15 | 000,000,000 | ---D | M] -- C:\Users\Rob\AppData\Roaming\uTorrent
[2010/10/13 08:14:59 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\Robert Sporing.doc:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\lis741final.doc:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\libraryfuture.docx:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\libraryfuture.doc:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\director interview.docx:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\755 bib9.doc:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\755 bib11.doc:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Rob\Documents\755 bib10.doc:AFP_AfpInfo
@Alternate Data Stream - 42 bytes -> C:\Users\Rob\Documents\thesis_proposal.docx:com.apple.quarantine
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\Robert Sporing.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\lis741final.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\libraryfuture.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\755 bib9.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\755 bib8.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\755 bib11.doc:AFP_Resource
@Alternate Data Stream - 286 bytes -> C:\Users\Rob\Documents\755 bib10.doc:AFP_Resource

< End of report >


OTL Extras logfile created on: 10/27/2010 10:05:19 PM - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Rob\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 77.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 269.70 Gb Total Space | 140.34 Gb Free Space | 52.03% Space Free | Partition Type: NTFS
Drive G: | 9.76 Gb Total Space | 5.69 Gb Free Space | 58.27% Space Free | Partition Type: NTFS

Computer Name: ROB-PC | User Name: Rob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-592426344-2057482586-2944740404-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Rob\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8027B1DD-D875-4315-8FE9-B2CFDD1BB8F1}" = O&O Defrag Professional
"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.89
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{121EF407-C22A-43A3-BA61-DA735312EEC4}" = GridClicker
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 21
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4723f199-fa64-4233-8e6e-9fccc95a18ee}" = Python 2.6.5
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E44AC72F-4170-48E1-9B3A-06D4A211EA67}" = LOTRO DefragSuite
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ - Mines of Moria™ - Live
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Cisco Connect" = Cisco Connect
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Digital Editions" = Adobe Digital Editions
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster 2 Beta1.1_is1" = Game Booster 2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Star Trek Online" = Star Trek Online
"StarCraft II" = StarCraft II
"Steam App 400" = Portal
"Steam App 440" = Team Fortress 2
"Steam App 49400" = Magic: The Gathering - Duels of the Planeswalkers
"Steam App 630" = Alien Swarm
"Tribes 2" = Tribes 2
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-592426344-2057482586-2944740404-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"pycrypto-py2.6" = Python 2.6 pycrypto-2.1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/20/2010 6:41:50 PM | Computer Name = Rob-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/22/2010 7:02:08 PM | Computer Name = Rob-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/22/2010 7:14:12 PM | Computer Name = Rob-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/22/2010 7:14:12 PM | Computer Name = Rob-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/22/2010 8:07:00 PM | Computer Name = Rob-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/23/2010 9:59:33 AM | Computer Name = Rob-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/23/2010 5:10:52 PM | Computer Name = Rob-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/24/2010 11:16:52 AM | Computer Name = Rob-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/24/2010 6:57:18 PM | Computer Name = Rob-PC | Source = Application Hang | ID = 1002
Description = The program lotroclient.exe version 3.2.4.8005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f04 Start
Time: 01cb73ceb539f666 Termination Time: 182 Application Path: C:\Program Files (x86)\Turbine\The
Lord of the Rings Online\lotroclient.exe Report Id:

Error - 10/27/2010 10:03:30 PM | Computer Name = Rob-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ System Events ]
Error - 10/22/2010 7:45:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/22/2010 7:55:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/22/2010 8:05:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/22/2010 8:15:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/22/2010 8:25:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/22/2010 8:35:18 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/23/2010 10:01:05 AM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =

Error - 10/23/2010 1:07:27 PM | Computer Name = Rob-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.

Error - 10/24/2010 8:33:38 PM | Computer Name = Rob-PC | Source = bowser | ID = 8003
Description =

Error - 10/27/2010 10:04:23 PM | Computer Name = Rob-PC | Source = DCOM | ID = 10016
Description =


< End of report >

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,820 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:20 PM

Posted 28 October 2010 - 03:21 AM

Hello again,

MALWAREBYTES ANTIMALWARE
-------------------------------------------
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 TrendyGuy

Posted 28 October 2010 - 08:02 PM

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4980

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/28/2010 8:59:40 PM
mbam-log-2010-10-28 (20-59-40).txt

Scan type: Full scan (A:\|C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 339065
Time elapsed: 20 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#7 Elise

Posted 29 October 2010 - 07:51 AM

I don't think your problems are caused by malware, but let's first rule that out altogether.

UPDATE JAVA
------------------
Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 22 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u21-windows-i586.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.


ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    Note - when ESET doesn't find any threats, no report will be created.
  • Push the Posted Image button.
  • Push Posted Image

regards, Elise


#8 TrendyGuy

Posted 29 October 2010 - 11:05 PM

I just ran the ESET online scanner and it found 0 infected files. I can't output a log because it isn't giving me the option of doing so. After the scanner finished the only option it is giving me is to "Uninstall application on close".

#9 Elise

Posted 30 October 2010 - 05:02 AM

No signs of malware here. Did you try to reinstall the game yet?

regards, Elise


#10 TrendyGuy

Posted 31 October 2010 - 05:50 PM

No, I haven't tried that yet. Is there a program that tests hardware? I am thinking that maybe one of my hard drives is going and that may be the problem. Do you know of a program that might test that?

#11 Elise

Posted 01 November 2010 - 03:01 AM

I'd start with testing your RAM (based on the event viewer errors).

See here for a tutorial.

regards, Elise


#12 Elise

Posted 06 November 2010 - 05:48 AM

Hi, are you still there?

regards, Elise


#13 TrendyGuy

Posted 06 November 2010 - 09:18 PM

Quote: "Hi, are you still there?"


Yes, I am. I just haven't had a chance to do the memtest yet. I am going to do it tomorrow and post back my results.

#14 Elise

Posted 07 November 2010 - 03:35 AM

Okay, please keep me posted. :)

regards, Elise


#15 TrendyGuy

Posted 08 November 2010 - 10:54 PM

So I got a new problem. I went to turn my computer on yesterday and it wouldn't work at all. I just kept getting blue screens and it would restart by itself. I would then get a screen telling me Windows couldn't start and to run a troubleshooter, which would also crash. One time it got stuck on the blue screen and I copied down what was on it; I put the error below. After two hours the computer finally started and I put memtest on a floppy and tried to run it. It will not run off the floppy; it starts loading, then hits an error. I am going to try burning it on a CD tomorrow at work and then try running it again. I will post back when I do that.

I really appreciate your help and hopefully we can figure out my problem!

Technical information:
***STOP: 0x0000007E (0xFFFFFFFFC0000005, 0xFFFFF880010F5251, 0xFFFFF8800298D998, 0xFFFFF8800298D1F0)
***ACPI.sys - Address FFFFF880010F5251 base at FFFFF880010CF000, DateStamp 4a5bc106
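
Decoding the STOP screen quoted in the post above, as an added example that is not part of the original thread: it names the bug check and exception, computes the faulting offset inside the driver, and converts the DateStamp (the driver's PE link timestamp) to a date. The function name `decode_stop` and the small lookup tables are assumptions made for this sketch; the code and status names are the ones Microsoft documents.

```python
import re
from datetime import datetime, timezone

# The two lines copied from the blue screen in post #15 (verbatim from the thread).
SCREEN = """\
***STOP: 0x0000007E (0xFFFFFFFFC0000005, 0xFFFFF880010F5251, 0xFFFFF8800298D998, 0xFFFFF8800298D1F0)
***ACPI.sys - Address FFFFF880010F5251 base at FFFFF880010CF000, DateStamp 4a5bc106
"""

# Documented names for the codes relevant here; anything else is reported as unknown.
BUGCHECKS = {0x7E: "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED"}
NTSTATUS = {
    0xC0000005: "STATUS_ACCESS_VIOLATION",
    0xC000001D: "STATUS_ILLEGAL_INSTRUCTION",
    0x80000003: "STATUS_BREAKPOINT",
}

STOP_RE = re.compile(r"STOP:\s*0x([0-9A-Fa-f]+)\s*\(([^)]*)\)")
MODULE_RE = re.compile(
    r"\*{3}\s*(\S+)\s+-\s+Address\s+([0-9A-Fa-f]+)\s+base at\s+([0-9A-Fa-f]+),"
    r"\s*DateStamp\s+([0-9A-Fa-f]+)"
)


def decode_stop(text):
    """Return a dict describing the bug check and the driver named on the screen."""
    stop = STOP_RE.search(text)
    if stop is None:
        raise ValueError("no STOP line found")
    code = int(stop.group(1), 16)
    params = [int(p.strip(), 16) for p in stop.group(2).split(",")]
    if len(params) != 4:
        raise ValueError("a STOP line carries exactly four parameters")

    info = {"bugcheck": code, "name": BUGCHECKS.get(code, "unknown")}
    if code == 0x7E:
        # For 0x7E: P1 = exception code (a sign-extended NTSTATUS), P2 = address of
        # the faulting instruction, P3/P4 = exception and context record addresses.
        status = params[0] & 0xFFFFFFFF
        info["exception"] = NTSTATUS.get(status, f"0x{status:08X}")
        info["fault_address"] = params[1]

    module = MODULE_RE.search(text)
    if module is not None:
        name, address, base, stamp = module.groups()
        address, base = int(address, 16), int(base, 16)
        if address < base:
            raise ValueError("module address lies below its load base")
        info["module"] = name
        # The offset is stable across reboots; the absolute address is not.
        info["offset"] = address - base
        # Cross-check: the module line should point at the same instruction as P2.
        info["address_matches_p2"] = info.get("fault_address") == address
        # DateStamp is seconds since 1970-01-01 UTC, taken from the PE header.
        link_time = datetime.fromtimestamp(int(stamp, 16), tz=timezone.utc)
        info["link_time_utc"] = link_time.strftime("%Y-%m-%d %H:%M:%S")
    return info


if __name__ == "__main__":
    for key, value in decode_stop(SCREEN).items():
        is_number = isinstance(value, int) and not isinstance(value, bool)
        print(f"{key:20} {hex(value) if is_number else value}")
```

The module offset, not the absolute address, is the value to compare across crashes or against symbols. The July 2009 link time is consistent with the Windows 6.1.7600 build shown in the MBAM log earlier in the thread.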



