Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Vista suddenly slow today, freezing for a few seconds


  • Please log in to reply

#1
Rutares

Rutares

    New Member

  • Member
  • Pip
  • 1 posts
Usually I'm pretty good at figuring out how to deal with computer issues... but I'm completely stumped.

I just purchased this laptop last month. It's brand spanking new. It was running like a charm until this morning. All of a sudden the system starts to lag. Something seems to be eating my memory, but there's nothing in processes and I'm not running anything out of the norm (firefox, maybe some music, etc). Everything just freezes for several seconds for absolutely no reason. I can still move the mouse around, but the programs just go unresponsive. I can't even browse through my start bar, its ridiculous. It was a pain getting firefox to work long enough for me to register and get this thread started.

I've run virus scans and found three viruses, but those have been dealt with, and I haven't had any other positives since. I've run CCleaner, HijackThis (the processes all were apparently "friendly"), Ad-Aware (nothing but cookies), I've tried a system restore... nothing is helping. I've looked everywhere online, but nothing seems to be working. I'm hoping I don't have to somehow reformat...

Here are my system specs:
Hewlett-Packard
HP G60 Notebook PC
AMD Athlon Dual-Core QL-64 (2 CPUs), ~2.1GHz
3.00 GB RAM
Windows Vista Home Premium (6.0, build 6001)
32-bit Operating SystemHP
NVIDIA GeForce 8200M G (1394MB RAM)
Conexant High Definition SmartAudio

RootRepeal report:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/15 02:39
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP1
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8F1E7000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8F1DC000 Size: 45056 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x8A3F3000 Size: 49152 File Visible: No Signed: -
Status: -

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Path: C:\Windows\System32\audiodg.exe
PID: 1132 Status: Locked to the Windows API!

SSDT
-------------------
#: 078 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x9aa228c4

#: 194 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x9aa228b0

#: 201 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x9aa228b5

#: 334 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x9aa228bf

==EOF==


OTL Log:

OTL.txt:

OTL logfile created on: 10/15/2009 3:28:53 AM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Rutares\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.61% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.16 Gb Total Space | 120.82 Gb Free Space | 42.07% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 966LAB0
Current User Name: Rutares
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/15 02:31:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Rutares\Desktop\OTL.exe
PRC - [2009/09/21 17:51:15 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/09/21 17:51:14 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/09/15 22:28:52 | 00,204,848 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2009/09/15 22:04:58 | 00,331,824 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2009/09/10 16:19:36 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/02 21:27:36 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/09/02 21:27:36 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/20 19:24:22 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/03/03 04:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 22:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/09 16:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2008/10/06 18:54:52 | 00,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/09/24 02:21:52 | 00,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2008/09/15 16:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe
PRC - [2008/08/02 01:14:02 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/07/11 20:31:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/06/09 19:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/05/02 01:25:56 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008/04/17 20:05:20 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008/04/17 20:05:10 | 01,049,896 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/04/15 23:51:00 | 00,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2008/04/11 18:04:54 | 00,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/04/03 20:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008/01/21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/21 04:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/21 04:25:32 | 00,198,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
PRC - [2008/01/21 04:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008/01/21 04:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/01/21 04:24:39 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Taskmgr.exe
PRC - [2008/01/21 04:23:52 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008/01/21 04:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008/01/21 04:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/18 01:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/09/26 16:34:40 | 00,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
PRC - [2007/05/09 01:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/05/04 10:00:12 | 05,701,632 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PRC - [2007/03/20 17:43:50 | 00,315,392 | ---- | M] () -- C:\Windows\System32\ATWTUSB.EXE
PRC - [2007/01/04 23:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/10/14 21:26:43 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2009/10/13 14:23:55 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])
SRV - [2009/09/21 17:51:14 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2009/09/15 22:29:04 | 00,057,640 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService [On_Demand | Stopped])
SRV - [2009/09/15 22:28:52 | 00,204,848 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService [Auto | Running])
SRV - [2009/09/15 22:04:58 | 00,331,824 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv [Auto | Running])
SRV - [2009/09/13 16:32:31 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009/09/06 02:36:58 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/08/28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/11/09 22:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])
SRV - [2008/10/09 16:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running])
SRV - [2008/10/06 18:54:52 | 00,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows [Auto | Running])
SRV - [2008/09/15 16:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/07/27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/27 20:03:11 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/07/11 20:31:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/06/20 03:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/06/20 03:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/06/20 03:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/06/09 19:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/05/06 00:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.) -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService [On_Demand | Stopped])
SRV - [2008/05/02 01:25:56 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [On_Demand | Running])
SRV - [2008/04/03 20:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx [On_Demand | Running])
SRV - [2008/01/21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008/01/21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/21 04:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/01/21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2007/10/18 01:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
SRV - [2007/05/04 10:00:12 | 05,701,632 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL [Auto | Running])
SRV - [2007/01/04 23:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2004/10/22 12:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...nampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://rutares.deviantart.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.9.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://slirsredirect...inampab&query="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/09 09:00:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/14 21:51:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/15 03:21:52 | 00,000,000 | ---D | M]

[2009/09/06 02:48:15 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Extensions
[2009/09/06 02:48:15 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/15 03:24:08 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions
[2009/09/08 06:28:23 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/09/28 21:06:24 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/09/09 18:01:27 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/14 21:42:31 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/10/10 21:16:43 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\[email protected](234).net
[2009/10/14 18:03:25 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mozilla\Firefox\Profiles\i3vkwrl4.default\extensions\[email protected]
[2009/09/08 06:28:29 | 00,001,201 | ---- | M] () -- C:\Users\Rutares\AppData\Roaming\Mozilla\FireFox\Profiles\i3vkwrl4.default\searchplugins\winamp-search.xml
[2009/10/15 00:38:51 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/10 16:19:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/06 03:20:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/09/10 16:19:36 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/10 16:19:36 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/07/08 23:07:06 | 00,040,960 | ---- | M] (BYOND) -- C:\Program Files\mozilla firefox\plugins\npbyond.dll
[2009/09/06 03:20:13 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/09/10 16:19:37 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/10/06 20:38:59 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/21 14:44:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/04/16 19:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2009/07/30 09:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/30 09:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/30 09:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/30 09:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/30 09:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/30 09:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/30 09:24:20 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [atwtusb] C:\Windows\System32\atwtusb.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Users\Rutares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE File not found
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/10/14 16:43:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/06 20:39:11 | 00,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2009/10/14 07:07:42 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Roaming\DNA
[2009/10/14 16:44:39 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Roaming\Malwarebytes
[2009/10/04 21:32:17 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Roaming\SQLyog
[2009/10/06 22:41:20 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Roaming\Turbine
[2009/10/14 09:34:41 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\AIM
[2009/10/06 22:35:39 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\ApplicationHistory
[2009/10/09 17:16:14 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\AVNEX_Ltd._(CY)
[2009/10/14 07:07:44 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\DNA
[2009/10/04 16:19:49 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\Logitech
[2009/10/06 20:39:14 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\PMB Files
[2009/10/06 22:41:11 | 00,000,000 | ---D | C] -- C:\Users\Rutares\AppData\Local\Turbine
[2009/10/04 16:13:40 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2009/10/14 21:26:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/10/14 21:38:49 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/10/10 02:40:35 | 00,000,000 | ---D | C] -- C:\Program Files\directx
[2009/10/14 19:22:03 | 00,000,000 | ---D | C] -- C:\Program Files\DNA
[2009/10/01 14:46:32 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/10/01 14:46:29 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/01 05:13:08 | 00,000,000 | ---D | C] -- C:\Program Files\Kaiba Corp VDS
[2009/10/10 02:41:15 | 00,000,000 | ---D | C] -- C:\Program Files\Konami
[2009/10/04 16:13:39 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2009/10/14 16:43:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/04 21:22:35 | 00,000,000 | ---D | C] -- C:\Program Files\MySQL
[2009/10/06 20:38:50 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2009/10/09 23:15:14 | 00,000,000 | ---D | C] -- C:\Program Files\SprayR
[2009/10/04 21:31:17 | 00,000,000 | ---D | C] -- C:\Program Files\SQLyog Community
[2009/10/14 21:31:57 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/06 22:18:05 | 00,000,000 | ---D | C] -- C:\Program Files\Turbine
[2009/10/15 02:31:20 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Users\Rutares\Desktop\OTL.exe
[2009/10/15 02:31:03 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Users\Rutares\Desktop\TFC.exe
[2009/10/15 02:29:40 | 00,472,064 | ---- | C] ( ) -- C:\Users\Rutares\Desktop\RootRepeal.exe
[2009/10/14 21:38:20 | 03,309,072 | ---- | C] (Piriform Ltd) -- C:\Users\Rutares\Desktop\ccsetup224.exe
[2009/10/14 21:18:11 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/14 21:11:03 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/10/14 18:32:39 | 00,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2009/10/14 16:59:13 | 00,000,000 | ---D | C] -- C:\SDFix
[2009/10/14 09:15:00 | 00,000,000 | ---D | C] -- C:\AeriaGames
[2009/10/07 20:27:49 | 00,000,000 | ---D | C] -- C:\GAMIGO
[2009/10/07 17:07:29 | 00,000,000 | ---D | C] -- C:\Games
[2009/10/07 04:04:47 | 00,000,000 | ---D | C] -- C:\Users\Rutares\Desktop\Games
[2009/10/06 22:42:38 | 00,000,000 | ---D | C] -- C:\Users\Rutares\Documents\Dungeons and Dragons Online
[2009/10/06 22:33:23 | 00,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP

========== Files - Modified Within 14 Days ==========

[2009/10/15 03:29:02 | 00,704,434 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/15 03:29:02 | 00,604,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/15 03:29:02 | 00,105,376 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/15 03:26:10 | 00,028,029 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/15 03:23:30 | 00,000,246 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2009/10/15 03:21:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/15 03:21:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/15 03:21:13 | 00,318,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/10/15 03:21:11 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/15 03:21:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/15 03:19:21 | 00,000,259 | ---- | M] () -- C:\Windows\win.ini
[2009/10/15 03:18:42 | 02,085,083 | -H-- | M] () -- C:\Users\Rutares\AppData\Local\IconCache.db
[2009/10/15 02:39:12 | 00,000,015 | ---- | M] () -- C:\Users\Rutares\Desktop\settings.dat
[2009/10/15 02:31:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Rutares\Desktop\OTL.exe
[2009/10/15 02:31:29 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Users\Rutares\Desktop\TFC.exe
[2009/10/15 02:30:16 | 00,472,064 | ---- | M] ( ) -- C:\Users\Rutares\Desktop\RootRepeal.exe
[2009/10/15 02:14:34 | 51,221,504 | ---- | M] () -- C:\Users\Rutares\Documents\smooooch.fla
[2009/10/14 21:47:52 | 00,079,424 | ---- | M] () -- C:\Users\Rutares\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/14 21:43:19 | 00,083,958 | ---- | M] () -- C:\Users\Rutares\Documents\cc_20091014_214257.reg
[2009/10/14 21:38:51 | 00,001,670 | ---- | M] () -- C:\Users\Rutares\Desktop\CCleaner.lnk
[2009/10/14 21:38:37 | 03,309,072 | ---- | M] (Piriform Ltd) -- C:\Users\Rutares\Desktop\ccsetup224.exe
[2009/10/14 21:31:57 | 00,001,874 | ---- | M] () -- C:\Users\Rutares\Desktop\HijackThis.lnk
[2009/10/14 21:23:52 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/10/14 21:20:48 | 00,000,000 | ---- | M] () -- C:\Windows\System32\cd.dat
[2009/10/14 21:12:15 | 00,028,029 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/14 21:08:29 | 00,098,816 | ---- | M] () -- C:\Users\Rutares\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/14 20:08:46 | 00,000,227 | ---- | M] () -- C:\Users\Rutares\Desktop\Sound - Shortcut.lnk
[2009/10/14 20:06:37 | 00,001,571 | ---- | M] () -- C:\Users\Rutares\Desktop\Shin Megami Tensei Imagine Online.lnk
[2009/10/14 19:36:03 | 14,824,68412 | ---- | M] () -- C:\Users\Rutares\Documents\MegaTenSetup_2009_09_15.exe
[2009/10/14 17:51:57 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/10/14 12:39:40 | 00,000,680 | ---- | M] () -- C:\Users\Rutares\AppData\Local\d3d9caps.dat
[2009/10/13 06:18:20 | 00,045,056 | ---- | M] (DXGames) -- C:\Windows\System32\VBMP.ocx
[2009/10/13 06:18:19 | 00,064,000 | ---- | M] () -- C:\Windows\System32\richtx32.oca
[2009/10/13 06:18:19 | 00,003,008 | ---- | M] () -- C:\Windows\System32\RICHTX32.DEP
[2009/10/13 06:18:14 | 00,221,184 | ---- | M] () -- C:\Windows\System32\COMSocketServer.dll
[2009/10/13 06:18:13 | 00,430,080 | ---- | M] (Nathan Lewis <[email protected]>) -- C:\Windows\System32\cmcs21.ocx
[2009/10/13 06:18:13 | 00,331,776 | ---- | M] (CIPL) -- C:\Windows\System32\ciplListBar.ocx
[2009/10/13 06:18:13 | 00,155,648 | ---- | M] (CIPL) -- C:\Windows\System32\ciplImageList.ocx
[2009/10/13 06:18:13 | 00,102,400 | ---- | M] (ECX Programming / CCRP) -- C:\Windows\System32\ccrpprg6.ocx
[2009/10/13 06:18:13 | 00,055,808 | ---- | M] () -- C:\Windows\System32\zlib1.dll
[2009/10/13 06:18:13 | 00,053,248 | ---- | M] () -- C:\Windows\System32\zlib.dll
[2009/10/13 06:18:13 | 00,036,864 | ---- | M] (CIPL) -- C:\Windows\System32\ascbalon.dll
[2009/10/09 23:15:45 | 00,000,107 | ---- | M] () -- C:\LOLDONTHAXFAG.vmt
[2009/10/09 23:15:44 | 00,087,600 | ---- | M] () -- C:\LOLDONTHAXFAG.vtf
[2009/10/09 23:15:15 | 00,000,776 | ---- | M] () -- C:\Users\Rutares\Desktop\SprayR.lnk
[2009/10/09 22:34:41 | 00,000,738 | ---- | M] () -- C:\Users\Rutares\Desktop\VTFEdit.lnk
[2009/10/06 22:41:15 | 00,000,095 | ---- | M] () -- C:\Users\Rutares\AppData\Local\fusioncache.dat
[2009/10/04 21:29:33 | 00,000,190 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2009/10/04 21:17:02 | 00,032,768 | ---- | M] () -- C:\Windows\System32\MD5.dll

========== Files - No Company Name ==========
[2009/10/15 02:35:34 | 00,000,015 | ---- | C] () -- C:\Users\Rutares\Desktop\settings.dat
[2009/10/14 23:44:56 | 51,221,504 | ---- | C] () -- C:\Users\Rutares\Documents\smooooch.fla
[2009/10/14 21:43:01 | 00,083,958 | ---- | C] () -- C:\Users\Rutares\Documents\cc_20091014_214257.reg
[2009/10/14 21:39:33 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009/10/14 21:38:51 | 00,001,670 | ---- | C] () -- C:\Users\Rutares\Desktop\CCleaner.lnk
[2009/10/14 21:31:57 | 00,001,874 | ---- | C] () -- C:\Users\Rutares\Desktop\HijackThis.lnk
[2009/10/14 21:23:52 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/14 21:20:48 | 00,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2009/10/14 21:18:36 | 02,085,083 | -H-- | C] () -- C:\Users\Rutares\AppData\Local\IconCache.db
[2009/10/14 20:08:46 | 00,000,227 | ---- | C] () -- C:\Users\Rutares\Desktop\Sound - Shortcut.lnk
[2009/10/14 20:06:37 | 00,001,571 | ---- | C] () -- C:\Users\Rutares\Desktop\Shin Megami Tensei Imagine Online.lnk
[2009/10/14 19:22:07 | 14,824,68412 | ---- | C] () -- C:\Users\Rutares\Documents\MegaTenSetup_2009_09_15.exe
[2009/10/14 18:15:32 | 00,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009/10/09 23:15:45 | 00,000,107 | ---- | C] () -- C:\LOLDONTHAXFAG.vmt
[2009/10/09 23:15:44 | 00,087,600 | ---- | C] () -- C:\LOLDONTHAXFAG.vtf
[2009/10/09 23:15:15 | 00,000,776 | ---- | C] () -- C:\Users\Rutares\Desktop\SprayR.lnk
[2009/10/09 22:34:41 | 00,000,738 | ---- | C] () -- C:\Users\Rutares\Desktop\VTFEdit.lnk
[2009/10/06 22:41:15 | 00,000,095 | ---- | C] () -- C:\Users\Rutares\AppData\Local\fusioncache.dat
[2009/10/04 21:48:32 | 00,032,768 | ---- | C] () -- C:\Windows\System32\MD5.dll
[2009/09/27 04:03:03 | 00,221,184 | ---- | C] () -- C:\Windows\System32\COMSocketServer.dll
[2009/09/27 04:03:01 | 00,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2009/09/27 04:03:01 | 00,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2009/09/13 22:05:34 | 00,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2009/09/08 00:21:06 | 00,098,816 | ---- | C] () -- C:\Users\Rutares\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/07 03:07:26 | 00,000,680 | ---- | C] () -- C:\Users\Rutares\AppData\Local\d3d9caps.dat
[2009/09/07 02:59:03 | 00,000,021 | ---- | C] () -- C:\ProgramData\hpqp.txt
[2009/09/06 06:45:20 | 00,005,511 | ---- | C] () -- C:\Windows\aiptbl.ini
[2009/09/06 04:43:45 | 00,028,029 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/06 04:42:39 | 00,028,029 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/06 02:30:05 | 00,000,000 | ---- | C] () -- C:\Users\Rutares\AppData\Local\QSwitch.txt
[2009/09/06 02:30:05 | 00,000,000 | ---- | C] () -- C:\Users\Rutares\AppData\Local\DSwitch.txt
[2009/09/06 02:30:05 | 00,000,000 | ---- | C] () -- C:\Users\Rutares\AppData\Local\AtStart.txt
[2009/09/06 02:27:12 | 00,079,424 | ---- | C] () -- C:\Users\Rutares\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/08 15:42:29 | 00,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/06/08 15:42:19 | 00,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/06/08 15:41:51 | 00,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/06/08 15:41:16 | 00,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/06/08 15:39:17 | 00,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/06/08 15:38:42 | 00,000,246 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/04/20 20:18:48 | 00,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/04/20 20:12:55 | 00,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/04/20 20:10:59 | 00,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/04/20 20:09:38 | 00,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2006/11/02 14:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:23:31 | 00,000,259 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 11:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2009/10/14 16:44:39 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming
[2009/09/09 18:13:48 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\acccore
[2009/09/07 02:59:13 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\CyberLink
[2009/10/14 21:18:26 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\DNA
[2009/09/24 01:11:05 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\dvdcss
[2009/09/19 18:37:38 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\FMZilla
[2009/10/14 17:43:04 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Hamachi
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Media Center Programs
[2009/09/24 00:51:50 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\mIRC
[2009/09/16 01:02:29 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\NetMedia Providers
[2009/09/14 20:56:34 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Notepad++
[2009/09/08 04:40:18 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\OpenOffice.org
[2009/09/16 01:02:29 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Publish Providers
[2009/09/06 02:29:59 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Snapfish
[2009/09/16 01:03:04 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Sony
[2009/10/04 21:32:17 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\SQLyog
[2009/09/23 00:53:27 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Subversion
[2009/09/09 06:20:40 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\SYSTEMAX Software Development
[2009/09/06 02:53:30 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\SystemRequirementsLab
[2009/09/30 16:32:48 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\teamspeak2
[2009/10/06 22:41:20 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Turbine
[2009/09/09 22:54:46 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\Unity
[2009/10/14 20:14:37 | 00,000,000 | ---D | M] -- C:\Users\Rutares\AppData\Roaming\uTorrent
[2009/10/14 17:51:57 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/10/15 03:21:11 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/15 03:19:42 | 00,014,684 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\eventlog.dll >

< %systemroot%\system32\scecli.dll >
[2008/01/21 04:24:50 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >
[2006/11/02 11:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Rutares\Documents\isosry.mp3:TOC.WMV
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
< End of report >


Extras.txt:
OTL Extras logfile created on: 10/15/2009 3:28:53 AM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Rutares\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 78.61% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.16 Gb Total Space | 120.82 Gb Free Space | 42.07% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: 966LAB0
Current User Name: Rutares
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Free Music Zilla\FMZilla.exe" = C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9FC06F54-4B44-44DA-811B-47D27C48BE47}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BEC3CCE1-84B7-4F62-A090-D8C79EDCD632}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EACFAE-235C-4D18-BA46-A65A71DD4E4D}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{14CF5772-0E66-41AD-A5B7-8B3B1E6B0B82}" = protocol=17 | dir=in | app=c:\users\rutares\desktop\client\client\client.exe |
"{1628F288-1B73-404B-BE32-0584A75FDD2C}" = protocol=17 | dir=in | app=c:\program files\hotspot shield\bin\openvpntray.exe |
"{1BD8BA46-308A-47C5-AC0B-2B5985D6A045}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{2A4710D0-C17C-4990-91D9-27ED3CCE42CB}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2DF3C58D-A2B1-4A41-BFFA-AA001E6DB3F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{319F868B-F7D1-4175-AE2C-FC723AE6E6C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{36DCC2B4-6951-464C-945F-698AABAC1C0F}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{380A008E-F61D-4B3C-8910-80D7C25818D7}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3BD186AA-82A5-452B-BA73-BAFBBE8F4D84}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{40473E86-94DD-4FDD-9C64-60E78573B2D2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5C432625-AD51-4842-B9DD-4B2C84BC2BB5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{5CB88E07-3939-4183-BDF6-DC9C386FD704}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{72D02CC1-8695-4103-914E-43B7765B34CC}" = protocol=6 | dir=in | app=c:\users\rutares\desktop\client\client\client.exe |
"{72D25554-97CC-42C4-9383-28BAE8CEE484}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe |
"{77968E02-BBD6-4C9B-AB27-03283167342E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79B2F4BD-B598-4984-8325-FA6FC62AF0E5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\bin\sdklauncher.exe |
"{7FEB126A-0338-4867-9709-1134D7723E4F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{96C4A4B7-2677-4C9D-8096-6FF6A4935861}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{96D3CEFE-35E3-4519-B50D-AF4C1AE062B2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{974D572B-FCCE-4E2B-8B96-F06E42B006CA}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{98D454D2-BC99-49DD-A892-4C26647F437F}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{A73D5D3E-422B-494C-AA4C-2C6F443C9A5E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A90B2153-39E4-4476-B2A6-97215E29C720}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{B72963E4-4AC7-42C8-B460-6AD68BED6C72}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BD345789-1B9B-4EC8-8DFE-CAB0E58F7BE0}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{C1E851DC-2846-40EB-BE88-7F5371AFF65D}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C52853BA-7053-40B0-A99E-7012F4817436}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C99D8B96-D152-4A52-B60D-5A8C31331ED3}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{CEAC4544-DCD9-474D-B0E3-39D803440096}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{D2095FFE-6771-4D37-95AE-E42FEA3A8712}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DB9ACA4D-8604-4889-BD92-D8BDE024A51A}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{DEAA5DBC-0FD9-4BFC-82E4-23EB5DCDE215}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{E8678607-20F8-4223-AA1E-DAB5D40CE042}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{E9C8EF78-BA12-4438-B637-AB8D06D8C5CD}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |
"{ECE56388-4A80-439E-85E6-D3C0137FB773}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{EFC3DB42-EDE8-45EE-9123-F1D788B5F0AC}" = protocol=6 | dir=in | app=c:\program files\hotspot shield\bin\openvpntray.exe |
"TCP Query User{146FCFB3-79B0-4355-A42B-178172D88C2A}C:\program files\steam\steamapps\kururuko\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\kururuko\garrysmod\hl2.exe |
"TCP Query User{7F58F04B-7B86-4609-8EAA-F1C1C7C57012}C:\users\rutares\desktop\oc11b72.exe" = protocol=6 | dir=in | app=c:\users\rutares\desktop\oc11b72.exe |
"TCP Query User{BB6BD44F-63D9-4412-8051-5BC627C8BCF1}C:\program files\byond\bin\byond.exe" = protocol=6 | dir=in | app=c:\program files\byond\bin\byond.exe |
"TCP Query User{C14B4B82-8459-430A-B244-B93BC960B998}C:\program files\steam\steamapps\kururuko\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\kururuko\team fortress 2\hl2.exe |
"TCP Query User{D8D3B956-FB8B-4189-9ED7-DE75E9B9B1B2}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"TCP Query User{E05E008C-A90F-4676-9DE0-4B081384DF73}C:\users\rutares\desktop\do_full-client_downloader.exe" = protocol=6 | dir=in | app=c:\users\rutares\desktop\do_full-client_downloader.exe |
"UDP Query User{11AE33A6-9725-42AA-9344-1BEF2CCE1347}C:\users\rutares\desktop\oc11b72.exe" = protocol=17 | dir=in | app=c:\users\rutares\desktop\oc11b72.exe |
"UDP Query User{584B8B76-F1CD-4975-BF74-BFBDF7C29B99}C:\program files\byond\bin\byond.exe" = protocol=17 | dir=in | app=c:\program files\byond\bin\byond.exe |
"UDP Query User{6340A0D5-CB27-4ADF-974C-0E3409F3DDDD}C:\program files\steam\steamapps\kururuko\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\kururuko\garrysmod\hl2.exe |
"UDP Query User{90D59FEA-08D6-48E7-8C7E-9D0E1251DFCE}C:\users\rutares\desktop\do_full-client_downloader.exe" = protocol=17 | dir=in | app=c:\users\rutares\desktop\do_full-client_downloader.exe |
"UDP Query User{A552E1FC-6245-44D4-884E-9A520D5B1E5B}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"UDP Query User{B9759760-EF8C-42F5-A997-72F20B754133}C:\program files\steam\steamapps\kururuko\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\kururuko\team fortress 2\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
".hack//The World" = .hack//The World
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1944C6DC-0F0C-472A-8D0F-047297EE7B0A}" = MySQL Server 5.0
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{2956585F-DB2F-45C2-9363-F8CB0BB4F2A7}" = Sony ACID Pro 6.0
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{665CBCA4-5AB0-414B-A288-3F8F99FEFC45}" = HP User Guides 0118
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C80E77-E549-4F76-BC07-61DDBD950345}" = Silent Hill 2
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EDE4AA32-ECD4-4FC2-BAD2-E50ED86219E6}" = MySQL Connector/ODBC 3.51
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.09.04.804
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"AIM_6" = AIM 6
"Alarm Clock_is1" = Alarm Clock v1.0
"Alt WAV MP3 WMA OGG Converter 7.2 Shareware_is1" = Alt WAV MP3 WMA OGG Converter 7.2
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"dBpowerAMP Music Converter" = dBpowerAMP Music Converter
"Fraps" = Fraps (remove only)
"Free Music Zilla_is1" = Free Music Zilla
"Furcadia" = Furcadia
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HotspotShield" = Hotspot Shield 1.30
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Kaiba Corp VDS_is1" = Kaiba Corp Virtual Duel System 1.16
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"NeoSteam_EU" = NeoSteam_EU
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Phantasy Star Online Blue Burst_is1" = Phantasy Star Online Blue Burst 1.0
"Rmtablet" = USB Tablet Manager
"Shin Megami Tensei: Imagine Online" = Shin Megami Tensei: Imagine Online
"SprayR" = SprayR 1.0 RC7b
"SQLyog Community" = SQLyog Community 6.03
"Steam App 4000" = Garry's Mod
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"Steam App 513" = Left 4 Dead Authoring Tools
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"VTFEdit_is1" = VTFEdit 1.2.5
"WildTangent hp Master Uninstall" = My HP Games
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/14/2009 3:30:58 AM | Computer Name = 966LAB0 | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2009 3:34:55 AM | Computer Name = 966LAB0 | Source = HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String
path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare
share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri
uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,
String role, Type ofObjectToReturn) at System.Xml.XmlReader.Create(String inputUri,
XmlReaderSettings settings, XmlParserContext inputContext) at System.Xml.Schema.XmlSchemaSet.Add(String
targetNamespace, String schemaUri) at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String
path) ValidateDocument failed Business\SearchTargets.xml

Error - 10/14/2009 6:13:49 AM | Computer Name = 966LAB0 | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2009 6:15:12 AM | Computer Name = 966LAB0 | Source = EventSystem | ID = 4609
Description =

Error - 10/14/2009 6:22:28 AM | Computer Name = 966LAB0 | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2009 6:40:48 AM | Computer Name = 966LAB0 | Source = HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String
path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare
share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri
uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,
String role, Type ofObjectToReturn) at System.Xml.XmlReader.Create(String inputUri,
XmlReaderSettings settings, XmlParserContext inputContext) at System.Xml.Schema.XmlSchemaSet.Add(String
targetNamespace, String schemaUri) at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String
path) ValidateDocument failed Business\SearchTargets.xml

Error - 10/14/2009 11:09:27 AM | Computer Name = 966LAB0 | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2009 11:09:50 AM | Computer Name = 966LAB0 | Source = EventSystem | ID = 4609
Description =

Error - 10/14/2009 11:44:36 AM | Computer Name = 966LAB0 | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2009 11:49:52 AM | Computer Name = 966LAB0 | Source = HP AdvisorUpdate | ID = 0
Description = Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String
path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare
share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri
uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,
String role, Type ofObjectToReturn) at System.Xml.XmlReader.Create(String inputUri,
XmlReaderSettings settings, XmlParserContext inputContext) at System.Xml.Schema.XmlSchemaSet.Add(String
targetNamespace, String schemaUri) at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String
path) ValidateDocument failed Business\SearchTargets.xml

[ System Events ]
Error - 10/14/2009 11:47:28 AM | Computer Name = 966LAB0 | Source = WinDefend | ID = 2004
Description = %%827 has encountered an error trying to load signatures and will
attempt reverting back to a known-good set of signatures. Signatures Attempted: %%824

Error
Code: 0x8050a001 Error description: The program can't find definition files that
help detect unwanted software. Check for updates to the definition files, and then
try again. For information on installing updates, see Help and Support. Signatures
loading: %%825 Loading signature version: 1.67.543.0 Loading engine version: 1.1.5101.0

Error - 10/14/2009 11:47:46 AM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7009
Description =

Error - 10/14/2009 11:47:50 AM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7000
Description =

Error - 10/14/2009 11:51:07 AM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7022
Description =

Error - 10/14/2009 3:10:12 PM | Computer Name = 966LAB0 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:08:12 PM on 10/14/2009 was unexpected.

Error - 10/14/2009 3:10:16 PM | Computer Name = 966LAB0 | Source = HTTP | ID = 15016
Description =

Error - 10/14/2009 3:11:14 PM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7000
Description =

Error - 10/14/2009 3:20:38 PM | Computer Name = 966LAB0 | Source = HTTP | ID = 15016
Description =

Error - 10/14/2009 3:20:57 PM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7000
Description =

Error - 10/14/2009 3:20:57 PM | Computer Name = 966LAB0 | Source = Service Control Manager | ID = 7026
Description =


< End of report >



MBAM Log:

Malwarebytes' Anti-Malware 1.41
Database version: 2964
Windows 6.0.6001 Service Pack 1

10/15/2009 3:43:52 AM
mbam-log-2009-10-15 (03-43-52).txt

Scan type: Quick Scan
Objects scanned: 86340
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


If I should post the hijackthis log too, please let me know.

Edited by Rutares, 14 October 2009 - 08:21 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP