Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

UserFaultCheck and dumprep 0 -u [Solved]

Started by Hetion , May 17 2009 07:56 PM

  • This topic is locked This topic is locked

#1
Hetion
Posted 17 May 2009 - 07:56 PM

Hetion

    Member

  • Member
  • PipPip
  • 30 posts
Hello, recently I have begun having problems with my PC, and I believe that this program, UserFaultCheck (which has a target file of dumprep 0 -u) that is in my startup lists may have something to do with it. I have tried deleting it in safe mode, and through regedit, but it always comes back.

The problem that is being caused is basically a crash of Explorer.exe everytime my system starts up. It flickers for a bit, then it crashes, or if it doesn't 'crash' completely, it gets rid of the custom skins I have on my system (via Window Blinds), replacing it with the Classic skin. The classic skin itself is also often glitched however, such as appearing black where it should be grey and such.

Also, it disables my audio drivers, but I have found a temp fix for this, all I have to do is run "services.msc", and 'Start' the Windows Audio (which stops with this problem every time I boot the system).

Here's my stuff:

OTListIt logfile created on: 17/05/2009 6:44:37 PM - Run 5
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = I:\Documents and Settings\David Tan\Desktop\Geeks to Go
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): I:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Program Files
Drive C: | 312.50 Gb Total Space | 69.05 Gb Free Space | 22.09% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 48.74 Gb Free Space | 99.82% Space Free | Partition Type: NTFS
Drive E: | 244.14 Gb Total Space | 102.26 Gb Free Space | 41.89% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 153.26 Gb Total Space | 42.15 Gb Free Space | 27.50% Space Free | Partition Type: NTFS
Drive M: | 172.79 Gb Total Space | 170.12 Gb Free Space | 98.46% Space Free | Partition Type: NTFS

Computer Name: DAVID
Current User Name: David Tan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (All) ==========

PRC - I:\WINDOWS\System32\smss.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\services.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
PRC - I:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )
PRC - I:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - I:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - I:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
PRC - I:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - I:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - I:\Program Files\RivaTuner v2.22\RivaTuner.exe ()
PRC - I:\WINDOWS\system32\RUNDLL32.EXE (Microsoft Corporation)
PRC - I:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
PRC - I:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - I:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - I:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - I:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - I:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
PRC - I:\Program Files\RocketDock\RocketDock.exe ()
PRC - I:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
PRC - C:\program files\steam\steam.exe (Valve Corporation)
PRC - I:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
PRC - I:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - I:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Logitech, Inc.)
PRC - I:\WINDOWS\SYSTEM32\CTXFISPI.EXE (Creative Technology Ltd)
PRC - I:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe (Logitech Inc.)
PRC - I:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - I:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - I:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
PRC - I:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - I:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe (Mediafour Corporation)
PRC - I:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - I:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - I:\WINDOWS\system32\PnkBstrA.exe ()
PRC - I:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
PRC - I:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
PRC - I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
PRC - I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
PRC - I:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - I:\WINDOWS\System32\alg.exe (Microsoft Corporation)
PRC - I:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
PRC - I:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - I:\Program Files\Webroot\WebrootSecurity\SSU.EXE (Webroot Software, Inc. (www.webroot.com))
PRC - I:\Documents and Settings\David Tan\Desktop\Geeks to Go\OTListIt2.exe (OldTimer Tools)
PRC - I:\WINDOWS\notepad.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (6to4 [Auto | Stopped]) -- I:\WINDOWS\System32\6to4svc.dll (Microsoft Corporation)
SRV - (Apple Mobile Device [Auto | Running]) -- I:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Bonjour Service [Auto | Running]) -- I:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Creative Audio Engine Licensing Service [On_Demand | Stopped]) -- I:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative Dolby Digital Live Pack Licensing Service [On_Demand | Stopped]) -- I:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe (Creative Labs)
SRV - (Creative Service for CDROM Access [Auto | Running]) -- I:\WINDOWS\system32\CTsvcCDA.exe (Creative Technology Ltd)
SRV - (CTAudSvcService [Auto | Running]) -- I:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- I:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (ForceWare Intelligent Application Manager (IAM) [Auto | Running]) -- I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (helpsvc [Auto | Running]) -- I:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- I:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- I:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- I:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (LBTServ [On_Demand | Stopped]) -- I:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (MacDriveService [Auto | Running]) -- I:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe (Mediafour Corporation)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- I:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (nSvcIp [Auto | Running]) -- I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (NVSvc [Auto | Running]) -- I:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (O&O Defrag [Auto | Running]) -- I:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (p2pgasvc [On_Demand | Stopped]) -- I:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- I:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (SimpTcp [Auto | Running]) -- I:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation)
SRV - (WebrootSpySweeperService [Auto | Running]) -- I:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- I:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - (WRConsumerService [Auto | Running]) -- I:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (Webroot Software, Inc. )

========== Driver Services (SafeList) ==========

DRV - (AsIO [System | Running]) -- I:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (avipbb [System | Running]) -- I:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (CT20XUT [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CT20XUT.SYS [On_Demand | Running]) -- I:\WINDOWS\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (ctac32k [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctaud2k [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX.SYS [On_Demand | Running]) -- I:\WINDOWS\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS [On_Demand | Running]) -- I:\WINDOWS\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (ctprxy2k [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (emupia [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ENTECH [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\ENTECH.sys (EnTech Taiwan)
DRV - (GEARAspiWDM [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ha20x22k [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\ha20x22k.sys (Creative Technology Ltd)
DRV - (ha20x2k [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (HDAudBus [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (IntcAzAudAddService [On_Demand | Stopped]) -- I:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (L8042Kbd [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech, Inc.)
DRV - (L8042mou [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\L8042mou.Sys (Logitech, Inc.)
DRV - (Lbd [Boot | Running]) -- I:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (LHidFilt [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV - (LMouFilt [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV - (LMouKE [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\LMouKE.Sys (Logitech, Inc.)
DRV - (MDFSYSNT [Boot | Running]) -- I:\WINDOWS\System32\drivers\MDFSYSNT.SYS (Mediafour Corporation)
DRV - (MDPMGRNT [Boot | Running]) -- I:\WINDOWS\System32\drivers\MDPMGRNT.SYS (Mediafour Corporation)
DRV - (MTsensor [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\ASACPI.sys ()
DRV - (nm [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (NVENETFD [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Corporation)
DRV - (nvgts [Boot | Running]) -- I:\WINDOWS\system32\DRIVERS\nvgts.sys (NVIDIA Corporation)
DRV - (nvnetbus [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Corporation)
DRV - (ossrv [On_Demand | Running]) -- I:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (PQNTDrv [System | Running]) -- I:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (Ptilink [On_Demand | Running]) -- I:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (RivaTuner32 [On_Demand | Running]) -- I:\Program Files\RivaTuner v2.22\RivaTuner32.sys ()
DRV - (RVIEG01 [Auto | Running]) -- I:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys (Roland)
DRV - (RVIEGVST [Auto | Running]) -- I:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys (Roland)
DRV - (Secdrv [On_Demand | Stopped]) -- I:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd [Boot | Running]) -- I:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssfs0bbc [Boot | Running]) -- I:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (sshrmd [Boot | Running]) -- I:\WINDOWS\system32\DRIVERS\sshrmd.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (ssidrv [Boot | Running]) -- I:\WINDOWS\system32\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (ssmdrv [System | Running]) -- I:\WINDOWS\system32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6 [System | Running]) -- I:\WINDOWS\system32\DRIVERS\tcpip6.sys (Microsoft Corporation)
DRV - (USBAAPL [On_Demand | Stopped]) -- I:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...p...&ar=msnhome
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://en-US.start2....en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.5.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.4.1
FF - prefs.js..extensions.enabledItems: {c36177c0-224a-11da-8cd6-0800200c9a99}:3.0.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: I:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2008/12/24 02:20:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: I:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/01/25 21:25:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: I:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/17 12:45:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: I:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/17 12:45:28 | 00,000,000 | ---D | M]

[2009/05/17 12:45:34 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Extensions
[2008/12/24 02:30:08 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/17 18:21:22 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions
[2009/05/17 16:15:43 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/01/17 05:10:17 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009/02/05 17:41:25 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(3)
[2008/12/24 03:13:24 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a99}
[2009/04/15 23:36:58 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/05/11 16:21:55 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/03/25 22:05:11 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
[2009/05/11 16:21:55 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(3)
[2009/01/09 20:37:41 | 00,000,000 | ---D | M] -- I:\Documents and Settings\David Tan\Application Data\mozilla\Firefox\Profiles\upfm47nn.default\extensions\[email protected]
[2009/05/17 18:20:54 | 00,000,000 | ---D | M] -- I:\Program Files\mozilla firefox\extensions
[2009/05/13 21:09:26 | 00,000,000 | ---D | M] -- I:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/17 18:14:44 | 00,000,000 | ---D | M] -- I:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/26 12:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation) -- I:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/03/26 12:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation) -- I:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/13 21:09:21 | 00,001,394 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/05/13 21:09:21 | 00,002,193 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/05/13 21:09:21 | 00,001,534 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/05/13 21:09:21 | 00,002,343 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/05/13 21:09:21 | 00,001,706 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/05/13 21:09:21 | 00,001,178 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/05/13 21:09:21 | 00,000,792 | ---- | M] () -- I:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - I:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ad-Watch] "I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" (Lavasoft)
O4 - HKLM..\Run: [IMJPMIG8.1] "I:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] "I:\WINDOWS\KHALMNPR.EXE" (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] "I:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] "I:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDevAgt] "I:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] "I:\WINDOWS\system32\RUNDLL32.EXE" I:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] "I:\WINDOWS\system32\RUNDLL32.EXE" I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] "I:\WINDOWS\system32\nwiz.exe" /install ()
O4 - HKLM..\Run: [RivaTuner] "I:\Program Files\RivaTuner v2.22\RivaTuner.exe" /T ()
O4 - HKLM..\Run: [RivaTunerStartupDaemon] "I:\Program Files\RivaTuner v2.22\RivaTuner.exe" /S ()
O4 - HKLM..\Run: [SpySweeper] "I:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdReg] "I:\WINDOWS\UpdReg.EXE" (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [VolPanel] "I:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r (Creative Technology Ltd)
O4 - HKCU..\Run: [CursorFX] "I:\Program Files\Stardock\CursorFX\CursorFX.exe" (Stardock Corporation)
O4 - HKCU..\Run: [RocketDock] "I:\Program Files\RocketDock\RocketDock.exe" ()
O4 - HKCU..\Run: [Steam] "c:\program files\steam\steam.exe" -silent (Valve Corporation)
O4 - Startup: I:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = I:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - I:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: internet ([]about in Internet)
O15 - HKCU\..Trusted Domains: 26 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative....15106/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - I:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - I:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - I:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - I:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (I:\WINDOWS\system32\logonuiX.exe) - I:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - i:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\WBSrv: DllName - I:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - I:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll (Stardock Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - I:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - I:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/17 18:42:33 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (oodbs) - I:\WINDOWS\System32\oodbs.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (lsdelete) - I:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[4 I:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009/05/17 18:29:51 | 00,000,000 | ---D | C] -- I:\Rooter$
[2009/05/17 18:29:46 | 00,267,612 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Rooter.exe
[2009/05/17 18:29:04 | 00,000,632 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\NTREGOPT.lnk
[2009/05/17 18:28:53 | 00,791,393 | ---- | C] (Lars Hederer ) -- I:\Documents and Settings\David Tan\Desktop\erunt_setup.exe
[2009/05/17 18:27:28 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\Geeks to Go
[2009/05/17 18:25:10 | 00,000,000 | -HSD | C] -- I:\RECYCLER
[2009/05/17 18:14:56 | 00,000,210 | ---- | C] () -- I:\Boot.bak
[2009/05/17 18:14:55 | 00,260,272 | ---- | C] () -- I:\cmldr
[2009/05/17 18:14:54 | 00,000,000 | RHSD | C] -- I:\cmdcons
[2009/05/17 18:13:42 | 16,283,032 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\jre-6u13-windows-i586-p.exe
[2009/05/17 18:11:05 | 00,244,338 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\JavaRa.def
[2009/05/17 18:10:50 | 00,212,480 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWXCACLS.exe
[2009/05/17 18:10:50 | 00,161,792 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWREG.exe
[2009/05/17 18:10:50 | 00,136,704 | ---- | C] (SteelWerX) -- I:\WINDOWS\SWSC.exe
[2009/05/17 18:10:50 | 00,117,248 | ---- | C] () -- I:\WINDOWS\vFind.exe
[2009/05/17 18:10:50 | 00,098,816 | ---- | C] () -- I:\WINDOWS\sed.exe
[2009/05/17 18:10:50 | 00,080,412 | ---- | C] () -- I:\WINDOWS\grep.exe
[2009/05/17 18:10:50 | 00,068,096 | ---- | C] () -- I:\WINDOWS\zip.exe
[2009/05/17 18:10:50 | 00,031,232 | ---- | C] (NirSoft) -- I:\WINDOWS\NIRCMD.exe
[2009/05/17 18:10:45 | 00,389,120 | ---- | C] (Microsoft Corporation) -- I:\WINDOWS\System32\CF13026.exe
[2009/05/17 18:10:45 | 00,000,000 | ---D | C] -- I:\WINDOWS\ERDNT
[2009/05/17 18:10:45 | 00,000,000 | ---D | C] -- I:\ComboFix
[2009/05/17 18:10:41 | 00,000,000 | ---D | C] -- I:\Qoobox
[2009/05/17 18:09:55 | 00,000,000 | ---D | C] -- I:\Program Files\Spybot - Search & Destroy
[2009/05/17 18:09:55 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/05/17 18:09:40 | 00,151,552 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- I:\Documents and Settings\David Tan\Desktop\JavaRa.exe
[2009/05/17 18:09:34 | 00,069,512 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\JavaRa.zip
[2009/05/17 18:05:44 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- I:\Documents and Settings\David Tan\Desktop\spybotsd162.exe
[2009/05/17 17:11:32 | 01,684,528 | ---- | C] (Uniblue Systems ) -- I:\Documents and Settings\David Tan\Desktop\registrybooster(2).exe
[2009/05/17 16:45:51 | 00,015,688 | ---- | C] () -- I:\WINDOWS\System32\lsdelete.exe
[2009/05/17 16:40:10 | 00,000,472 | ---- | C] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/17 16:40:06 | 00,064,160 | ---- | C] (Lavasoft AB) -- I:\WINDOWS\System32\drivers\Lbd.sys
[2009/05/17 16:37:12 | 00,000,000 | -H-D | C] -- I:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
[2009/05/17 16:37:11 | 00,000,888 | ---- | C] () -- I:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/05/17 16:37:09 | 00,000,000 | ---D | C] -- I:\Program Files\Lavasoft
[2009/05/17 16:24:30 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\Uniblue
[2009/05/17 16:24:17 | 00,000,000 | ---D | C] -- I:\Program Files\Uniblue
[2009/05/17 16:24:12 | 00,000,000 | -H-D | C] -- I:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
[2009/05/17 16:23:57 | 01,678,320 | ---- | C] (Uniblue Systems ) -- I:\Documents and Settings\David Tan\Desktop\registrybooster.exe
[2009/05/17 16:16:16 | 37,452,296 | ---- | C] (Lavasoft ) -- I:\Documents and Settings\David Tan\Desktop\Ad-AwareAE.exe
[2009/05/17 15:51:16 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\True Sword
[2009/05/17 15:50:12 | 00,356,352 | ---- | C] (eSellerate Inc.) -- I:\WINDOWS\eSellerateEngine.dll
[2009/05/17 15:50:12 | 00,081,920 | ---- | C] (eSellerate Inc.) -- I:\WINDOWS\eSellerateControl350.dll
[2009/05/17 15:50:12 | 00,001,619 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\True Sword.lnk
[2009/05/17 15:50:11 | 00,000,000 | ---D | C] -- I:\Program Files\True Sword 5
[2009/05/17 15:46:51 | 08,667,730 | ---- | C] (Security Stronghold ) -- I:\Documents and Settings\David Tan\Desktop\TrueSword5.exe
[2009/05/17 12:45:26 | 00,000,000 | ---D | C] -- I:\Program Files\Common Files\Adobe AIR
[2009/05/17 12:45:24 | 00,000,000 | ---D | C] -- I:\Program Files\Adobe Media Player
[2009/05/17 12:44:46 | 00,000,000 | ---D | C] -- I:\Program Files\DVDVideoSoft
[2009/05/16 16:12:38 | 00,000,000 | ---D | C] -- I:\Program Files\Vogster Entertainment(2)
[2009/05/16 15:26:32 | 33,347,9936 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Sid_Meier's_Pirates_USA.iso
[2009/05/16 12:45:29 | 00,000,000 | ---D | C] -- I:\Program Files\Unlocker
[2009/05/16 12:07:44 | 08,388,608 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\N+.nds
[2009/05/15 22:18:32 | 00,131,072 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\TI85ROM.BIN
[2009/05/15 21:19:51 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\CycloDS
[2009/05/15 00:47:10 | 00,000,000 | ---D | C] -- I:\Program Files\Adobe Media Player(2)
[2009/05/15 00:46:52 | 00,000,000 | ---D | C] -- I:\Program Files\Common Files\Adobe AIR(2)
[2009/05/13 20:48:02 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\My Documents\dvd
[2009/05/13 16:00:18 | 00,000,000 | ---D | C] -- I:\Program Files\DVD Flick
[2009/05/13 15:34:03 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\WiiBrew
[2009/05/13 05:03:00 | 40,032,48051 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII Advent Children.mp4
[2009/05/13 01:46:32 | 00,000,000 | ---D | C] -- I:\Program Files\Red Kawa
[2009/05/13 00:31:40 | 03,959,509 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\2.flv
[2009/05/13 00:28:12 | 16,451,525 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\get_video12.flv
[2009/05/13 00:27:17 | 07,533,497 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\hot_pocket.flv
[2009/05/13 00:16:37 | 00,022,338 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final.Fantasy.VII.Advent.Children.Complete.2009.720p.Bluray.DTS.PROPER.x264-EPiK.zip
[2009/05/13 00:10:47 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\Broad Intelligence
[2009/05/13 00:10:37 | 00,000,000 | ---D | C] -- I:\Program Files\MediaCoder
[2009/05/12 23:30:34 | 00,005,348 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\wiiUR-1.0.zip
[2009/05/12 23:05:54 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\Stuff
[2009/05/12 19:07:54 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\My Documents\SolidDVDBurner
[2009/05/12 19:06:58 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\DVD Flick
[2009/05/12 19:06:49 | 00,081,920 | ---- | C] (Marco Bellinaso) -- I:\WINDOWS\System32\mbmouse.ocx
[2009/05/12 19:06:49 | 00,036,864 | ---- | C] (Robdogg Inc.) -- I:\WINDOWS\System32\trayicon.ocx
[2009/05/12 19:06:48 | 00,000,000 | ---D | C] -- I:\Program Files\MKV to DVD Converter
[2009/05/12 19:04:37 | 06,037,564 | ---- | C] (MKV-TO-DVD, Inc. ) -- I:\Documents and Settings\David Tan\Desktop\MKV2DVDSetup.exe
[2009/05/12 19:02:27 | 00,000,913 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/12 19:02:27 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\My Documents\DVDVideoSoft
[2009/05/12 19:02:18 | 00,000,000 | ---D | C] -- I:\Program Files\Common Files\DVDVideoSoft
[2009/05/12 18:59:12 | 09,929,811 | ---- | C] (DVDVideoSoft Limited. ) -- I:\Documents and Settings\David Tan\Desktop\FreeVideoToDVDConverter.exe
[2009/05/12 18:39:24 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\Avi2dvd_temp
[2009/05/12 18:27:05 | 26,317,90036 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII Advent Children.mkv
[2009/05/12 18:24:28 | 00,000,000 | ---D | C] -- I:\Program Files\AviSynth 2.5
[2009/05/12 18:20:32 | 00,000,000 | ---D | C] -- I:\Program Files\Avi2Dvd
[2009/05/12 18:14:46 | 38,191,05233 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Beta_download.zip
[2009/05/12 18:09:07 | 33,564,911 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Avi2Dvd_Setup_05.exe
[2009/05/12 17:46:59 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy Tactics The War Of The Lions (U) [idgamez.co.uk]
[2009/05/12 02:11:17 | 00,528,788 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\duke3ds.rar
[2009/05/12 01:54:16 | 23,015,455 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Wiibrew.zip
[2009/05/12 01:37:59 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\Astroburn
[2009/05/12 01:37:29 | 00,000,000 | ---D | C] -- I:\Program Files\Astroburn Toolbar
[2009/05/12 01:37:28 | 00,000,000 | ---D | C] -- I:\Program Files\Astroburn
[2009/05/12 01:34:49 | 05,636,840 | ---- | C] (Disk Software Ltd) -- I:\Documents and Settings\David Tan\Desktop\Astroburn1.0.91.exe
[2009/05/12 01:16:43 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\WiiEmus
[2009/05/12 01:15:00 | 03,314,123 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\WiiEmus.rar
[2009/05/12 00:41:28 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\My Documents\Any Video Converter
[2009/05/12 00:40:40 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\Any Video Converter
[2009/05/12 00:40:39 | 00,000,000 | ---D | C] -- I:\Program Files\Any Video Converter
[2009/05/12 00:38:17 | 15,490,280 | ---- | C] (Any-Video-Converter.com ) -- I:\Documents and Settings\David Tan\Desktop\avc-free.exe
[2009/05/11 22:17:16 | 02,652,452 | ---- | C] ( ) -- I:\Documents and Settings\David Tan\Desktop\ROM CHECK FAIL Setup.exe
[2009/05/11 18:35:21 | 00,000,004 | ---- | C] () -- I:\WINDOWSRegDefrag.dat
[2009/05/11 16:35:43 | 30,075,904 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\avira_antivir_personal_en.exe
[2009/05/09 18:02:33 | 00,000,000 | ---D | C] -- I:\Program Files\PSP Brew
[2009/05/09 17:37:15 | 00,000,000 | ---D | C] -- I:\Program Files\PBP Unpacker
[2009/05/08 23:01:35 | 01,691,922 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\12 12 Au Privave No 1 p24.mp3
[2009/05/03 23:22:40 | 00,116,551 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\16898_PowerMgr0.2.3.zip
[2009/05/03 23:21:02 | 01,279,488 | ---- | C] (UMDGEN.COM) -- I:\Documents and Settings\David Tan\Desktop\UMDGen.exe
[2009/05/03 23:18:57 | 01,132,306 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\UMDGen_v4.00.rar
[2009/05/03 21:16:28 | 00,001,673 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\MapleStory.lnk
[2009/05/03 01:49:27 | 00,134,870 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\FATMS500.rar
[2009/05/02 02:29:12 | 07,112,481 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy IX.zip
[2009/05/02 02:28:59 | 06,858,343 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VIII.rar
[2009/05/02 02:22:53 | 04,884,063 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII.zip
[2009/05/02 01:34:10 | 00,000,041 | -HS- | C] () -- I:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/02 01:34:00 | 00,000,000 | ---D | C] -- I:\Program Files\SlySoft
[2009/05/01 20:00:02 | 00,468,677 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\pool.zip
[2009/05/01 01:46:01 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\ijjigame
[2009/05/01 01:44:54 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\IJJIGame
[2009/04/30 23:30:41 | 40,487,4845 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\GunboundRV_setup_updated.zip
[2009/04/30 20:32:45 | 00,000,000 | ---D | C] -- I:\Documents and Settings\All Users\Application Data\PMB Files
[2009/04/30 20:32:30 | 00,000,000 | ---D | C] -- I:\Program Files\Pando Networks
[2009/04/30 02:11:48 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\Univer_File
[2009/04/29 22:41:45 | 23,019,665 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\3552 - Henry Hatsworth In The Puzzling Adventure (U)(Xenophobia).rar
[2009/04/28 22:29:41 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\PSP
[2009/04/22 23:35:47 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Desktop\New Folder
[2009/04/22 22:17:01 | 00,257,055 | ---- | C] () -- I:\Documents and Settings\David Tan\Desktop\Assignment.pdf
[2009/04/21 02:04:36 | 00,025,856 | ---- | C] (Microsoft Corporation) -- I:\WINDOWS\System32\drivers\usbprint.sys
[2009/04/21 02:04:36 | 00,025,856 | ---- | C] (Microsoft Corporation) -- I:\WINDOWS\System32\dllcache\usbprint.sys
[2009/04/21 01:25:09 | 00,000,341 | ---- | C] () -- I:\Program Files\Setup_ver1.1561.03.exe
[2009/04/21 01:25:09 | 00,000,335 | ---- | C] () -- I:\Program Files\MediaXCodec3.exe
[2009/04/21 01:24:42 | 00,000,335 | ---- | C] () -- I:\Program Files\MediaXCodec2.exe
[2009/04/21 01:24:41 | 00,000,341 | ---- | C] () -- I:\Program Files\Setup_ver1.1561.02.exe
[2009/04/21 01:23:53 | 00,000,341 | ---- | C] () -- I:\Program Files\Setup_ver1.1561.01.exe
[2009/04/21 01:23:53 | 00,000,335 | ---- | C] () -- I:\Program Files\MediaXCodec1.exe
[2009/04/21 01:23:44 | 00,000,341 | ---- | C] () -- I:\Program Files\Setup_ver1.1561.0.exe
[2009/04/21 01:23:44 | 00,000,335 | ---- | C] () -- I:\Program Files\MediaXCodec.exe
[2009/04/17 20:41:43 | 00,000,082 | ---- | C] () -- I:\WINDOWS\AW6.ini
[2009/04/17 20:41:42 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\My Documents\AppleWorks User Data
[2009/04/17 20:41:42 | 00,000,000 | ---D | C] -- I:\Documents and Settings\David Tan\Application Data\AppleWorks
[2009/04/17 20:41:32 | 00,000,000 | ---D | C] -- I:\Program Files\Apple Computer
[2009/03/18 16:31:38 | 00,000,066 | ---- | C] () -- I:\WINDOWS\BBW_INFO.INI
[2009/01/25 22:27:43 | 00,000,262 | ---- | C] () -- I:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/01/22 20:02:15 | 00,000,026 | ---- | C] () -- I:\WINDOWS\startUp manager.INI
[2009/01/13 02:28:20 | 00,000,048 | ---- | C] () -- I:\WINDOWS\WININIT.INI
[2009/01/11 18:32:30 | 00,168,448 | ---- | C] () -- I:\WINDOWS\System32\unrar.dll
[2009/01/11 18:32:28 | 03,596,288 | ---- | C] () -- I:\WINDOWS\System32\qt-dx331.dll
[2009/01/11 18:32:28 | 00,057,344 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll
[2009/01/11 18:32:28 | 00,000,547 | ---- | C] () -- I:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/01/02 01:22:10 | 00,000,000 | ---- | C] () -- I:\WINDOWS\oodcnt.INI
[2009/01/01 18:45:55 | 00,000,131 | ---- | C] () -- I:\WINDOWS\CRC.INI
[2008/12/26 18:14:09 | 00,001,045 | ---- | C] () -- I:\WINDOWS\Rtcwplat.INI
[2008/12/26 01:08:00 | 01,724,416 | ---- | C] () -- I:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/26 01:08:00 | 01,507,328 | ---- | C] () -- I:\WINDOWS\System32\nview.dll
[2008/12/26 01:08:00 | 01,101,824 | ---- | C] () -- I:\WINDOWS\System32\nvwimg.dll
[2008/12/26 01:08:00 | 00,466,944 | ---- | C] () -- I:\WINDOWS\System32\nvshell.dll
[2008/12/25 04:53:05 | 00,000,023 | ---- | C] () -- I:\WINDOWS\BlendSettings.ini
[2008/12/25 03:46:55 | 01,584,149 | ---- | C] () -- I:\WINDOWS\System32\setupapinew.dll
[2008/12/25 03:46:55 | 00,789,525 | ---- | C] () -- I:\WINDOWS\System32\rpcrt4new.dll
[2008/12/25 03:46:55 | 00,681,478 | ---- | C] () -- I:\WINDOWS\System32\msvcrtnew.dll
[2008/12/25 03:46:55 | 00,633,871 | ---- | C] () -- I:\WINDOWS\System32\user32new.dll
[2008/12/25 03:46:55 | 00,134,671 | ---- | C] () -- I:\WINDOWS\System32\winstanew.dll
[2008/12/25 03:46:55 | 00,096,783 | ---- | C] () -- I:\WINDOWS\System32\powrprofnew.dll
[2008/12/25 03:46:55 | 00,087,558 | ---- | C] () -- I:\WINDOWS\System32\ntdsapinew.dll
[2008/12/25 03:46:55 | 00,072,707 | ---- | C] () -- I:\WINDOWS\System32\secur32new.dll
[2008/12/25 03:46:54 | 00,874,502 | ---- | C] () -- I:\WINDOWS\System32\kernel32new.dll
[2008/12/25 03:46:54 | 00,376,832 | ---- | C] () -- I:\WINDOWS\System32\M2000Twn.dll
[2008/12/25 03:46:54 | 00,039,948 | ---- | C] () -- I:\WINDOWS\System32\dwmapi.dll
[2008/12/25 03:46:53 | 00,974,354 | ---- | C] () -- I:\WINDOWS\System32\crypt32new.dll
[2008/12/25 03:46:53 | 00,770,069 | ---- | C] () -- I:\WINDOWS\System32\advapi32new.dll
[2008/12/25 03:46:53 | 00,187,398 | ---- | C] () -- I:\WINDOWS\System32\d3d10core.dll
[2008/12/25 03:46:53 | 00,171,023 | ---- | C] () -- I:\WINDOWS\System32\apphelpnew.dll
[2008/12/25 03:45:03 | 00,000,754 | ---- | C] () -- I:\WINDOWS\WORDPAD.INI
[2008/12/25 03:44:42 | 00,167,948 | ---- | C] () -- I:\WINDOWS\System32\dxgi.dll
[2008/12/25 03:44:42 | 00,025,037 | ---- | C] () -- I:\WINDOWS\System32\Nucleus.dll
[2008/12/25 03:44:40 | 01,029,126 | ---- | C] () -- I:\WINDOWS\System32\d3d10.dll
[2008/12/25 03:44:40 | 00,519,912 | ---- | C] () -- I:\WINDOWS\System32\d3dx10d_33.dll
[2008/12/25 03:44:40 | 00,519,912 | ---- | C] () -- I:\WINDOWS\System32\d3dx10d.dll
[2008/12/24 23:30:45 | 00,339,968 | ---- | C] () -- I:\WINDOWS\System32\pythoncom25.dll
[2008/12/24 23:30:45 | 00,114,688 | ---- | C] () -- I:\WINDOWS\System32\pywintypes25.dll
[2008/12/24 10:20:51 | 00,138,944 | ---- | C] () -- I:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/24 08:59:12 | 00,003,972 | ---- | C] () -- I:\WINDOWS\System32\drivers\PciBus.sys
[2008/12/24 04:19:54 | 00,717,296 | ---- | C] () -- I:\WINDOWS\System32\drivers\sptd.sys
[2008/12/24 04:01:31 | 00,000,024 | ---- | C] () -- I:\WINDOWS\LogonStudio.ini
[2008/12/24 04:00:52 | 00,187,392 | ---- | C] () -- I:\WINDOWS\System32\JPGUtils.dll
[2008/12/24 03:54:49 | 00,000,081 | ---- | C] () -- I:\WINDOWS\WB.ini
[2008/12/24 01:56:35 | 00,000,307 | ---- | C] () -- I:\WINDOWS\System32\kill.ini
[2008/12/24 01:56:33 | 00,014,336 | ---- | C] ( ) -- I:\WINDOWS\System32\a3d.dll
[2008/12/24 01:56:31 | 00,002,560 | ---- | C] () -- I:\WINDOWS\System32\CtxfiRes.dll
[2008/12/24 00:22:25 | 00,024,576 | R--- | C] () -- I:\WINDOWS\System32\AsIO.dll
[2008/12/24 00:22:25 | 00,012,664 | R--- | C] () -- I:\WINDOWS\System32\drivers\AsIO.sys
[2008/12/24 00:22:23 | 00,012,096 | ---- | C] () -- I:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2008/12/24 00:22:23 | 00,010,304 | ---- | C] () -- I:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2008/12/24 00:06:29 | 00,015,728 | ---- | C] () -- I:\WINDOWS\Ascd_log.ini
[2008/12/24 00:04:53 | 00,015,498 | ---- | C] () -- I:\WINDOWS\Ascd_tmp.ini
[2008/12/24 00:04:53 | 00,005,810 | R--- | C] () -- I:\WINDOWS\System32\drivers\ASACPI.sys
[2008/12/24 00:04:42 | 00,012,536 | ---- | C] () -- I:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/12/07 22:25:56 | 00,031,088 | ---- | C] () -- I:\WINDOWS\System32\wrLZMA.dll
[2008/10/28 18:40:48 | 00,173,552 | ---- | C] () -- I:\WINDOWS\System32\xlive.dll.cat
[2008/10/07 10:13:30 | 00,197,912 | ---- | C] () -- I:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 00,058,648 | ---- | C] () -- I:\WINDOWS\System32\AgCPanelFrench.dll
[2008/08/06 22:44:38 | 00,027,148 | ---- | C] () -- I:\WINDOWS\System32\instwdm.ini
[2008/08/06 22:44:38 | 00,000,054 | ---- | C] () -- I:\WINDOWS\System32\ctzapxx.ini
[2008/08/06 22:15:12 | 00,002,560 | ---- | C] () -- I:\WINDOWS\CTXFIRES.DLL
[2008/04/14 05:00:00 | 00,000,579 | ---- | C] () -- I:\WINDOWS\win.ini
[2008/04/14 05:00:00 | 00,000,227 | ---- | C] () -- I:\WINDOWS\system.ini
[1997/06/13 19:56:08 | 00,056,832 | ---- | C] () -- I:\WINDOWS\System32\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[16 I:\WINDOWS\System32\*.tmp files]
[4 I:\Documents and Settings\All Users\Application Data\*.tmp files]
[2009/05/17 18:36:34 | 00,000,006 | -H-- | M] () -- I:\WINDOWS\tasks\SA.DAT
[2009/05/17 18:34:30 | 00,200,941 | ---- | M] () -- I:\WINDOWS\System32\nvapps.xml
[2009/05/17 18:34:28 | 00,000,446 | ---- | M] () -- I:\WINDOWS\tasks\RegCure Program Check.job
[2009/05/17 18:34:28 | 00,000,320 | ---- | M] () -- I:\WINDOWS\tasks\GlaryInitialize.job
[2009/05/17 18:34:27 | 00,000,062 | -HS- | M] () -- I:\Documents and Settings\David Tan\Local Settings\desktop.ini
[2009/05/17 18:34:26 | 00,002,048 | --S- | M] () -- I:\WINDOWS\bootstat.dat
[2009/05/17 18:34:17 | 00,748,322 | ---- | M] () -- I:\WINDOWS\System32\oodbs.lor
[2009/05/17 18:33:42 | 00,054,104 | ---- | M] () -- I:\WINDOWS\System32\BMXStateBkp-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2009/05/17 18:33:42 | 00,054,104 | ---- | M] () -- I:\WINDOWS\System32\BMXState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2009/05/17 18:33:42 | 00,000,796 | ---- | M] () -- I:\WINDOWS\System32\DVCState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
[2009/05/17 18:29:46 | 00,267,612 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Rooter.exe
[2009/05/17 18:29:04 | 00,000,632 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\NTREGOPT.lnk
[2009/05/17 18:28:57 | 00,791,393 | ---- | M] (Lars Hederer ) -- I:\Documents and Settings\David Tan\Desktop\erunt_setup.exe
[2009/05/17 18:19:47 | 00,000,227 | ---- | M] () -- I:\WINDOWS\system.ini
[2009/05/17 18:17:42 | 00,000,027 | ---- | M] () -- I:\WINDOWS\System32\drivers\etc\hosts
[2009/05/17 18:14:56 | 00,000,281 | RHS- | M] () -- I:\boot.ini
[2009/05/17 18:14:10 | 16,283,032 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\jre-6u13-windows-i586-p.exe
[2009/05/17 18:10:39 | 00,389,120 | ---- | M] (Microsoft Corporation) -- I:\WINDOWS\System32\CF13026.exe
[2009/05/17 18:09:34 | 00,069,512 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\JavaRa.zip
[2009/05/17 18:06:36 | 16,409,960 | ---- | M] (Safer Networking Limited ) -- I:\Documents and Settings\David Tan\Desktop\spybotsd162.exe
[2009/05/17 17:50:38 | 00,000,131 | ---- | M] () -- I:\WINDOWS\CRC.INI
[2009/05/17 17:11:34 | 01,684,528 | ---- | M] (Uniblue Systems ) -- I:\Documents and Settings\David Tan\Desktop\registrybooster(2).exe
[2009/05/17 16:40:10 | 00,000,472 | ---- | M] () -- I:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/05/17 16:40:01 | 00,015,688 | ---- | M] () -- I:\WINDOWS\System32\lsdelete.exe
[2009/05/17 16:39:21 | 00,064,160 | ---- | M] (Lavasoft AB) -- I:\WINDOWS\System32\drivers\Lbd.sys
[2009/05/17 16:37:11 | 00,000,888 | ---- | M] () -- I:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2009/05/17 16:23:58 | 01,678,320 | ---- | M] (Uniblue Systems ) -- I:\Documents and Settings\David Tan\Desktop\registrybooster.exe
[2009/05/17 16:17:24 | 37,452,296 | ---- | M] (Lavasoft ) -- I:\Documents and Settings\David Tan\Desktop\Ad-AwareAE.exe
[2009/05/17 15:50:12 | 00,001,619 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\True Sword.lnk
[2009/05/17 15:47:08 | 08,667,730 | ---- | M] (Security Stronghold ) -- I:\Documents and Settings\David Tan\Desktop\TrueSword5.exe
[2009/05/17 15:39:34 | 00,000,579 | ---- | M] () -- I:\WINDOWS\win.ini
[2009/05/17 12:51:53 | 00,013,646 | ---- | M] () -- I:\WINDOWS\System32\wpa.dbl
[2009/05/15 01:00:02 | 00,001,736 | ---- | M] () -- I:\WINDOWS\tasks\wrSpySweeper_L2386DEC8F4A64D2B991B35FE76A1F610.job
[2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- I:\WINDOWS\vFind.exe
[2009/05/13 05:05:53 | 40,032,48051 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII Advent Children.mp4
[2009/05/13 00:31:42 | 03,959,509 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\2.flv
[2009/05/13 00:28:15 | 16,451,525 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\get_video12.flv
[2009/05/13 00:27:18 | 07,533,497 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\hot_pocket.flv
[2009/05/13 00:16:37 | 00,022,338 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final.Fantasy.VII.Advent.Children.Complete.2009.720p.Bluray.DTS.PROPER.x264-EPiK.zip
[2009/05/12 23:30:34 | 00,005,348 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\wiiUR-1.0.zip
[2009/05/12 20:08:35 | 38,191,05233 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Beta_download.zip
[2009/05/12 19:05:47 | 06,037,564 | ---- | M] (MKV-TO-DVD, Inc. ) -- I:\Documents and Settings\David Tan\Desktop\MKV2DVDSetup.exe
[2009/05/12 19:02:27 | 00,000,913 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\DVDVideoSoft Free Studio.lnk
[2009/05/12 19:00:07 | 09,929,811 | ---- | M] (DVDVideoSoft Limited. ) -- I:\Documents and Settings\David Tan\Desktop\FreeVideoToDVDConverter.exe
[2009/05/12 18:13:24 | 33,564,911 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Avi2Dvd_Setup_05.exe
[2009/05/12 05:33:41 | 26,317,90036 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII Advent Children.mkv
[2009/05/12 02:11:22 | 00,528,788 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\duke3ds.rar
[2009/05/12 01:58:05 | 23,015,455 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Wiibrew.zip
[2009/05/12 01:36:50 | 05,636,840 | ---- | M] (Disk Software Ltd) -- I:\Documents and Settings\David Tan\Desktop\Astroburn1.0.91.exe
[2009/05/12 01:15:32 | 03,314,123 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\WiiEmus.rar
[2009/05/12 00:39:25 | 15,490,280 | ---- | M] (Any-Video-Converter.com ) -- I:\Documents and Settings\David Tan\Desktop\avc-free.exe
[2009/05/11 22:17:25 | 02,652,452 | ---- | M] ( ) -- I:\Documents and Settings\David Tan\Desktop\ROM CHECK FAIL Setup.exe
[2009/05/11 18:36:42 | 00,000,004 | ---- | M] () -- I:\WINDOWSRegDefrag.dat
[2009/05/11 16:37:28 | 30,075,904 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\avira_antivir_personal_en.exe
[2009/05/08 23:01:47 | 01,691,922 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\12 12 Au Privave No 1 p24.mp3
[2009/05/07 13:57:00 | 00,000,284 | ---- | M] () -- I:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/05/07 10:20:10 | 08,388,608 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\N+.nds
[2009/05/07 03:00:00 | 00,000,380 | ---- | M] () -- I:\WINDOWS\tasks\RegCure.job
[2009/05/03 23:22:40 | 00,116,551 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\16898_PowerMgr0.2.3.zip
[2009/05/03 23:19:20 | 01,132,306 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\UMDGen_v4.00.rar
[2009/05/03 21:16:28 | 00,001,673 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\MapleStory.lnk
[2009/05/03 01:49:27 | 00,134,870 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\FATMS500.rar
[2009/05/02 03:06:35 | 00,000,041 | -HS- | M] () -- I:\Documents and Settings\All Users\Application Data\.zreglib
[2009/05/02 02:30:02 | 07,112,481 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy IX.zip
[2009/05/02 02:29:54 | 06,858,343 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VIII.rar
[2009/05/02 02:23:21 | 04,884,063 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Final Fantasy VII.zip
[2009/05/01 20:00:03 | 00,468,677 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\pool.zip
[2009/05/01 00:55:35 | 40,487,4845 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\GunboundRV_setup_updated.zip
[2009/04/29 22:46:28 | 23,019,665 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\3552 - Henry Hatsworth In The Puzzling Adventure (U)(Xenophobia).rar
[2009/04/22 22:17:01 | 00,257,055 | ---- | M] () -- I:\Documents and Settings\David Tan\Desktop\Assignment.pdf
[2009/04/22 00:20:19 | 00,000,620 | ---- | M] () -- I:\Documents and Settings\David Tan\Application Data\wklnhst.dat
[2009/04/21 01:25:05 | 00,069,720 | ---- | M] () -- I:\WINDOWS\uninstall.dat
[2009/04/21 01:25:05 | 00,004,459 | ---- | M] () -- I:\WINDOWS\uninstall.xml
[2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- I:\WINDOWS\NIRCMD.exe
[2009/04/19 11:49:42 | 02,116,608 | ---- | M] () -- I:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/17 20:41:43 | 00,000,082 | ---- | M] () -- I:\WINDOWS\AW6.ini
< End of report >









Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

A:\ [Removable] (Total:0 Mo/Free:0 Mo)
C:\ [Fixed] - NTFS - (Total:319997 Mo/Free:1070 Mo)
D:\ [Fixed] - NTFS - (Total:49999 Mo/Free:759 Mo)
E:\ [Fixed] - NTFS - (Total:250003 Mo/Free:2315 Mo)
G:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
H:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
I:\ [Fixed] - NTFS - (Total:156939 Mo/Free:2219 Mo)
M:\ [Fixed] - NTFS - (Total:176934 Mo/Free:2169 Mo)
T:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
W:\ [Removable] (Total:0 Mo/Free:0 Mo)
X:\ [Removable] (Total:0 Mo/Free:0 Mo)
Y:\ [Removable] (Total:0 Mo/Free:0 Mo)
Z:\ [Removable] (Total:0 Mo/Free:0 Mo)

17/05/2009|18:30

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\I:\WINDOWS\system32\csrss.exe
---------- \??\I:\WINDOWS\system32\winlogon.exe
---------- I:\WINDOWS\system32\services.exe
---------- I:\WINDOWS\system32\lsass.exe
---------- I:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
---------- I:\WINDOWS\system32\svchost.exe
---------- I:\WINDOWS\system32\svchost.exe
---------- I:\WINDOWS\system32\svchost.exe
---------- I:\WINDOWS\system32\svchost.exe
---------- I:\WINDOWS\system32\svchost.exe
---------- I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- I:\WINDOWS\system32\spoolsv.exe
---------- I:\Program Files\Creative\Shared Files\CTAudSvc.exe
---------- I:\Program Files\RivaTuner v2.22\RivaTuner.exe
---------- I:\WINDOWS\system32\RUNDLL32.EXE
---------- I:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
---------- I:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
---------- I:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
---------- I:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
---------- I:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- I:\Program Files\Java\jre6\bin\jusched.exe
---------- I:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
---------- I:\Program Files\RocketDock\RocketDock.exe
---------- I:\WINDOWS\system32\ctfmon.exe
---------- C:\program files\steam\steam.exe
---------- I:\WINDOWS\SYSTEM32\CTXFISPI.EXE
---------- I:\Program Files\Stardock\CursorFX\CursorFX.exe
---------- I:\Program Files\Logitech\SetPoint\SetPoint.exe
---------- I:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
---------- I:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
---------- I:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- I:\Program Files\Bonjour\mDNSResponder.exe
---------- I:\WINDOWS\system32\CTsvcCDA.exe
---------- I:\Program Files\Java\jre6\bin\jqs.exe
---------- I:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
---------- I:\WINDOWS\system32\nvsvc32.exe
---------- I:\WINDOWS\system32\oodag.exe
---------- I:\WINDOWS\system32\PnkBstrA.exe
---------- I:\WINDOWS\system32\tcpsvcs.exe
---------- I:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
---------- I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
---------- I:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
---------- I:\Program Files\Mozilla Firefox\firefox.exe
---------- I:\WINDOWS\system32\wbem\unsecapp.exe
---------- I:\WINDOWS\System32\alg.exe
---------- I:\WINDOWS\System32\svchost.exe
---------- I:\Program Files\Webroot\WebrootSecurity\SSU.EXE
---------- I:\WINDOWS\explorer.exe
---------- I:\WINDOWS\system32\cmd.exe
---------- I:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

I:\DOCUME~1\DAVIDT~1\Application Data\uTorrent\Neverwinter Nights 2 - Update 1.22.1587 CRACK.rar.torrent
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Neverwinter Nights 2 - Update 1.22.1587 CRACK.rar
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.GAMEBOY.AND.GAMEBOY.COLOR.ROMS-NiTRO\ROMS\Warioland_2_USA_Crack_GBC-CPL.zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.GAMEBOY.AND.GAMEBOY.COLOR.ROMS-NiTRO\ROMS\WWF_Attitude_Crack_GBC-CPL.zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.NES.ROMS-NiTRO\ROMS\Crackout (USA) (Beta).zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\[Portable] LAN Games Repository 3.0.0 [Final]\includes\EA Games Keygen v190.exe


1 - "I:\Rooter$\Rooter_1.txt" - 17/05/2009|18:30

----------------------\\ Scan completed at 18:30








Malwarebytes' Anti-Malware 1.36
Database version: 2146
Windows 5.1.2600 Service Pack 3

17/05/2009 6:32:42 PM
mbam-log-2009-05-17 (18-32-42).txt

Scan type: Quick Scan
Objects scanned: 82178
Time elapsed: 1 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements

#2
Essexboy
Posted 23 May 2009 - 08:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay - could you update me on your current problems

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop
  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS.exe to start the program.
  • Check the box that says Scan All Users
  • Under Additional Scans check the following:
    • File - Lop Check
    • File - Purity Scan
    • Evnt - EvtViewer (last 10)
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post.

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#3
Hetion
Posted 23 May 2009 - 11:40 AM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Thanks for the reply, here's the scan results.Attached File  OTS.Txt   247.21KB   421 downloads

Also, just an update on the problem. All the aforementioned problems remain, but I also have been having a tendency for a lot of blue screens of death, ocassional not, but usually when I try playing a video game (mainly Steam games, such as Team Fortress 2 or Left 4 Dead).

Edited by Hetion, 23 May 2009 - 11:44 AM.

  • 0

#4
Essexboy
Posted 23 May 2009 - 01:19 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there part of the problem is the number of cracks on your system, this makes it hard for me to determine which is good or bad. I will remove what I can see and then get a second opinion

Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Unregister Dlls]
[Registry - Safe List]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "UserFaultCheck" -> I:\WINDOWS\System32\dumprep.exe ["I:\WINDOWS\system32\dumprep.exe" 0 -u]
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
YN -> "F:\Guilty Gear XX #Reload\ggxx (english).exe" -> F:\Guilty Gear XX #Reload\ggxx (english).exe [F:\Guilty Gear XX #Reload\ggxx (english).exe:*:Enabled:GUILTYGEAR XX #RELOAD]
YN -> "I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\cm25.09.exe" -> I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\cm25.09.exe [I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\cm25.09.exe:*:Enabled:Windows Application Service]
YN -> "I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\vcs23.09.exe" -> I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\vcs23.09.exe [I:\DOCUME~1\DAVIDT~1\LOCALS~1\Temp\vcs23.09.exe:*:Enabled:Windows Application Service]
YN -> "I:\Documents and Settings\David Tan\desktop\desmume.exe" -> I:\Documents and Settings\David Tan\desktop\desmume.exe [I:\Documents and Settings\David Tan\desktop\desmume.exe:*:Enabled:desmume]
YN -> "I:\Documents and Settings\David Tan\desktop\Downloader_Diablo2_enUS.exe" -> I:\Documents and Settings\David Tan\desktop\Downloader_Diablo2_enUS.exe [I:\Documents and Settings\David Tan\desktop\Downloader_Diablo2_enUS.exe:*:Enabled:Blizzard Downloader]
[Custom Items]
:Files 
I:\DOCUME~1\DAVIDT~1\Application Data\uTorrent\Neverwinter Nights 2 - Update 1.22.1587 CRACK.rar.torrent
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Neverwinter Nights 2 - Update 1.22.1587 CRACK.rar
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.GAMEBOY.AND.GAMEBOY.COLOR.ROMS-NiTRO\ROMS\Warioland_2_USA_Crack_GBC-CPL.zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.GAMEBOY.AND.GAMEBOY.COLOR.ROMS-NiTRO\ROMS\WWF_Attitude_Crack_GBC-CPL.zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\Nintendo.Roms.MegaPack-NiTRO\NiNTENDO.NES.ROMS-NiTRO\ROMS\Crackout (USA) (Beta).zip
I:\DOCUME~1\DAVIDT~1\My Documents\Downloads\[Portable] LAN Games Repository 3.0.0 [Final]\includes\EA Games Keygen v190.exe
:end
[Empty Temp Folders]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

THEN

Download Dr.Web CureIt to the desktop:
  • Doubleclick the drweb-cureit icon to start the program.
  • press start
  • Allow the program to run the initial express scan
  • This will scan the files currently running in memory. If something is found, click the YES button when it asks you if you want to cure it. This is only a short scan.
    Note: A pop up may appear during this phase suggesting you purchase their program - click the X at the top right corner of this pop-up to close it.
  • Once the short scan has finished, check the Complete scan box on the left side, even if nothing was found on the initial scan.
  • Then click the small green arrow button on the right under the Dr.Web Antivirus picture to start the complete scan. (This scan will take several hours)
  • During this complete scan - if Dr.Web finds an infection a window will pop up requesting your attention. Select the Cure button.
    • Note:(If the file cannot be cured, Dr.Web will automatically delete the file)
  • Once the scan is complete, on the menu bar, click file and choose report list.
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Note:this report will need to be renamed to Dr.Web.txt in order to post it on the forum.
  • Close Dr.Web Cureit.
  • Please post the Dr.Web.txt report in your next reply

  • 0

#5
Hetion
Posted 24 May 2009 - 07:01 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
When I scanned with Dr. Web, it didn't detect anything and would not allow me to make a log. So for now, here's that OST post Attached File  05242009_150646.txt   34.9KB   275 downloads.
  • 0

#6
Essexboy
Posted 25 May 2009 - 03:51 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets go for a sweep for orphans - how is your computer running now, what problems are you experiencing ?


Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
  • 0

#7
Hetion
Posted 25 May 2009 - 05:22 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I'm still having all the same problems as before. Explorer usually crashes on computer startup, audio drivers get disabled (although can be re-enabled in services.msc), and games tend to crash when I play, often in form of a blue screen of death. Also, blue screens of death happen more often even when not playing games.

The scan found nothing, but here's the log anyways Attached File  mbam_log_2009_05_25__16_20_09_.txt   834bytes   228 downloads
  • 0

#8
Essexboy
Posted 26 May 2009 - 11:19 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
We look to be seeing a hardware/software problem here

Lets check the veracity of your files

From the Start menu, select Run.
In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
Select the OK button.
Follow the prompts throughout the System File Checker process.
Reboot the computer when System File Checker completes.
  • 0

#9
Hetion
Posted 26 May 2009 - 09:39 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Still having the problems.
  • 0

#10
Essexboy
Posted 27 May 2009 - 12:31 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK next question what is your video card ?
  • 0

Advertisements

#11
Hetion
Posted 27 May 2009 - 11:35 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Two Nvidia GTX 260s with SLI. The drivers are a bit out of date, but I was playing games just fine until more recently with these drivers, and haven't installed any new games recently that would require them to be updated.
  • 0

#12
Essexboy
Posted 28 May 2009 - 11:37 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets check the veracity of your system files

From the Start menu, select Run.
In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
Select the OK button.
Follow the prompts throughout the System File Checker process.
Reboot the computer when System File Checker completes.
  • 0

#13
Hetion
Posted 28 May 2009 - 04:10 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Uh, I'll do it again I guess, but didn't you just tell me to do that before?
  • 0

#14
Essexboy
Posted 29 May 2009 - 09:08 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Sorry old age creeping up on me I meant to do something else UserFaultCheck is a windows system file that is generated when you have a driver/memory error

Could you update your video drivers and initialy remove any customisations you have set (window blinds) and see if you still get the same problem. Windows Blinds changes the shell programme of you computer and if it becomes corrupted it may show the symptoms you are experiencing
  • 0

#15
Hetion
Posted 29 May 2009 - 11:17 PM

Hetion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
No problem. So, I updated my drivers, and disabled Window Blinds, but it still so far has not solved the problem. I also went ahead and tried re-installing and updating my audio drivers, but that didn't work.

EDIT: Also, a quick note. The updated video card drivers started causing me a LOT of BSODs. So, I rolled back, to an earlier version (although it's later than the one I started off with). Since, I haven't had a BSOD, but I still have all the other problems.

Edited by Hetion, 30 May 2009 - 02:13 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP