Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problem with "Microsoft .NET Framework 3.6 SP*.exe"

Started by codybuRr , Jan 22 2011 12:03 AM

  • Please log in to reply

#1
codybuRr
Posted 22 January 2011 - 12:03 AM

codybuRr

    New Member

  • Member
  • Pip
  • 1 posts
So for some reason, about two weeks ago, i started getting an error notice at the beginning of every start up after my OS made it through the Welcome screen.
its telling me: "failed to run Microsoft .NET Framework 3.6 SP8.exe"
i don't know what it is, and it is boggling my mind trying to get rid of it.
It leaves two text files in my documents folder every time i start up.
a "nt.dll" is detected by my AV. Norton 360 v4.
it blocks it and calls it a trojan/malware.
i just want this thing gone. and I dont want to go through reformatting until I have all the parts i want for my next upgrade.
which will be an i7 950, dominator 1600MHz DDr3, SSD, and other small goodies.

here is my OTL:


OTL logfile created on: 1/21/2011 9:52:33 PM - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Cody\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.91 Gb Total Space | 95.60 Gb Free Space | 64.20% Space Free | Partition Type: NTFS

Computer Name: HERMES | User Name: Cody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/21 21:52:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cody\Desktop\OTL.exe
PRC - [2010/12/16 22:35:00 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/16 22:34:57 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/11/27 20:26:13 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/05 16:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2010/04/27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
PRC - [2010/02/25 16:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/06/04 15:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2007/01/10 21:53:22 | 000,465,408 | ---- | M] () -- C:\Windows\VPro610.exe
PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\Philips\SPC610NC\Monitor.exe


========== Modules (SafeList) ==========

MOD - [2011/01/21 21:52:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cody\Desktop\OTL.exe
MOD - [2009/07/13 17:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/10/26 18:51:36 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/01/11 16:52:47 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/25 16:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/11/27 20:14:08 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/11/27 20:07:21 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/10/26 20:00:14 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/26 18:14:22 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/05/05 20:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010/04/28 21:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/04/21 19:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010/04/21 18:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/04/21 18:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/03/23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2010/02/25 16:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/02/03 17:40:47 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2009/12/22 01:54:00 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
DRV:64bit: - [2009/12/21 21:50:00 | 000,007,552 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vHidDev.sys -- (vhidmini)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006/12/04 13:20:38 | 000,561,664 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPC610NC.SYS -- (SPC610NC)
DRV - [2010/12/16 22:34:42 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110121.019\EX64.SYS -- (NAVEX15)
DRV - [2010/12/16 22:34:42 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110121.019\ENG64.SYS -- (NAVENG)
DRV - [2010/11/27 01:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/11/27 01:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/11/22 23:47:46 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110120.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/11/22 18:20:07 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110114.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2005/10/13 16:41:32 | 000,156,800 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\SPC610NC.sys -- (SPC610NC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 25 8E A0 36 B0 8E CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010/11/28 20:39:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010/11/27 20:18:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/16 22:35:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/16 22:35:01 | 000,000,000 | ---D | M]

[2010/11/27 19:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cody\AppData\Roaming\Mozilla\Extensions
[2011/01/21 02:04:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\si3zfxd3.default\extensions
[2010/11/27 20:46:03 | 000,000,000 | ---D | M] (Kempelton Large) -- C:\Users\Cody\AppData\Roaming\Mozilla\Firefox\Profiles\si3zfxd3.default\extensions\[email protected]
[2011/01/21 02:04:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/27 20:48:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/27 21:05:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/17 02:18:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/27 20:18:08 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\COFFPLGN
[2010/11/28 20:39:43 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPLGN
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

Hosts file not found
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\Philips\SPC610NC\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [messenger.exe] C:\Program Files (x86)\Common Files\microsoft shared\Web Components\messenger.exe (© MICR0S0FT corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2011/01/21 21:03:49 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/21 21:52:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cody\Desktop\OTL.exe
[2011/01/21 21:49:38 | 001,349,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Cody\Desktop\TDSSKiller.exe
[2011/01/21 21:16:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/21 21:03:49 | 000,000,000 | RHSD | C] -- C:\desktop.ini
[2011/01/21 21:03:49 | 000,000,000 | RHSD | C] -- C:\comment.htt
[2011/01/21 21:03:49 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2011/01/21 21:03:42 | 000,037,600 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011/01/21 21:03:41 | 000,000,000 | -H-D | C] -- C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2011/01/21 21:03:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup Items
[2011/01/21 21:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greatis
[2011/01/21 15:00:51 | 000,000,000 | ---D | C] -- C:\MoTemp
[2011/01/03 19:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
[2011/01/03 19:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guitar Pro 5
[2010/12/29 00:34:37 | 000,000,000 | ---D | C] -- C:\Users\Cody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
[2010/12/23 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\Cody\Desktop\Easy h264 v0.6r
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/21 21:52:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cody\Desktop\OTL.exe
[2011/01/21 21:28:27 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011/01/21 21:25:35 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/21 21:25:35 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/21 21:22:45 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/21 21:22:45 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/21 21:22:45 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/21 21:18:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/21 21:18:12 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/21 21:06:46 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2011/01/21 21:06:46 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2011/01/21 21:06:46 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011/01/21 21:03:42 | 000,037,600 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2011/01/18 09:34:52 | 001,349,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Cody\Desktop\TDSSKiller.exe
[2011/01/17 01:25:18 | 315,148,343 | ---- | M] () -- C:\Users\Cody\Desktop\New folder.rar
[2011/01/16 14:40:49 | 000,000,000 | -H-- | M] () -- C:\Users\Cody\Documents\Default.rdp
[2011/01/04 17:59:24 | 004,969,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/01/03 03:56:03 | 000,013,527 | ---- | M] () -- C:\Users\Cody\Desktop\workout.docx
[2010/12/29 00:34:38 | 000,001,137 | ---- | M] () -- C:\Users\Cody\Desktop\ESEA Client.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/21 21:03:47 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2011/01/21 21:03:47 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2011/01/21 21:03:47 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2011/01/21 21:03:15 | 000,057,556 | ---- | C] () -- C:\Windows\guard.bmp
[2011/01/21 15:00:51 | 000,000,882 | ---- | C] () -- C:\Users\Cody\.imagineer_log.txt
[2011/01/17 01:20:30 | 315,148,343 | ---- | C] () -- C:\Users\Cody\Desktop\New folder.rar
[2011/01/16 14:40:49 | 000,000,000 | -H-- | C] () -- C:\Users\Cody\Documents\Default.rdp
[2011/01/03 03:56:01 | 000,013,527 | ---- | C] () -- C:\Users\Cody\Desktop\workout.docx
[2010/12/29 00:34:37 | 000,001,137 | ---- | C] () -- C:\Users\Cody\Desktop\ESEA Client.lnk
[2010/11/30 17:14:23 | 000,007,605 | ---- | C] () -- C:\Users\Cody\AppData\Local\Resmon.ResmonCfg
[2010/11/29 23:35:58 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SPC610NC.ini
[2010/11/28 02:35:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/11/27 23:20:21 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/11/27 23:20:21 | 000,014,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/11/27 23:20:16 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/11/27 23:20:16 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/11/27 21:44:56 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/11/27 20:30:51 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2010/11/27 20:30:51 | 000,000,259 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2010/11/27 20:30:42 | 000,008,287 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2010/11/27 20:30:42 | 000,002,029 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2010/11/27 20:30:42 | 000,001,320 | ---- | C] () -- C:\Windows\cm108.ini
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/12/01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2007/06/27 16:13:51 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll

========== LOP Check ==========

[2011/01/01 15:56:51 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\FrostWire
[2010/12/06 22:10:49 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Publish Providers
[2010/11/27 20:23:54 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Razer
[2010/12/06 22:10:47 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\Sony
[2011/01/04 14:14:09 | 000,000,000 | ---D | M] -- C:\Users\Cody\AppData\Roaming\uTorrent
[2009/07/13 21:08:49 | 000,022,500 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


and the extras:

OTL Extras logfile created on: 1/21/2011 9:52:33 PM - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Cody\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148.91 Gb Total Space | 95.60 Gb Free Space | 64.20% Space Free | Partition Type: NTFS

Computer Name: HERMES | User Name: Cody | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB3FDAEC-7702-3A47-655B-4A34714CBEFA}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBB03C04-9E78-6758-94C9-5D128401CFF8}" = WMV9/VC-1 Video Playback
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E974638C-9F47-48C4-672C-B9C65F2BAD62}" = AMD Drag and Drop Transcoding
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F3FEB53B-0BD3-F481-A8F9-51BA46466A6A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = SteelSeries USB Soundcard v1.20
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.00 beta 2 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0032D29F-7E8F-40E5-AD12-8857AAB0DBFF}" = Catalyst Control Center - Branding
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034C3647-3240-B744-D10B-637197A1E5B1}" = Catalyst Control Center InstallProxy
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 23
"{2C440596-FD75-9EA6-5472-B2EDBF5D222B}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7ACEE78A-537D-2857-1A64-72198BC4A67D}" = Catalyst Control Center Graphics Previews Vista
"{7CD82818-18F2-E4D5-A502-9D1F16C8DF9C}" = Catalyst Control Center Graphics Previews Common
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A76CFCA-4BEC-C88E-3A7B-7CD18E3B86EA}" = CCC Help English
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D54A32D7-9CDB-4982-B84B-A78CEE6ACEE9}" = SPC 610NC Laptop Camera
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder™ Mouse
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FrostWire" = FrostWire 4.21.1
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"N360" = Norton 360
"Steam App 240" = Counter-Strike: Source
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 550" = Left 4 Dead 2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/21/2011 1:26:44 AM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00316572 Faulting
process id: 0xc18 Faulting application start time: 0x01cbb92bbe413184 Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 089973eb-251f-11e0-9a0a-00248cbab820

Error - 1/21/2011 11:51:19 AM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x003a6572 Faulting
process id: 0xc14 Faulting application start time: 0x01cbb9830a0e9085 Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 48e9282a-2576-11e0-8389-00248cbab820

Error - 1/21/2011 6:19:04 PM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00476572 Faulting
process id: 0xd4c Faulting application start time: 0x01cbb9b93515768c Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 744088b7-25ac-11e0-81f5-00248cbab820

Error - 1/21/2011 6:47:59 PM | Computer Name = Hermes | Source = Windows Search Service | ID = 1019
Description =

Error - 1/21/2011 6:59:46 PM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00396572 Faulting
process id: 0x4d0 Faulting application start time: 0x01cbb9bee55719c6 Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 23eebb39-25b2-11e0-81f5-00248cbab820

Error - 1/21/2011 7:08:48 PM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00356572 Faulting
process id: 0xb30 Faulting application start time: 0x01cbb9c027f15693 Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 66b7b319-25b3-11e0-81f5-00248cbab820

Error - 1/22/2011 12:42:03 AM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00326572 Faulting
process id: 0xe94 Faulting application start time: 0x01cbb9eeb6ddcf2d Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: f4fb2d51-25e1-11e0-81f2-00248cbab820

Error - 1/22/2011 1:12:43 AM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01fb6572 Faulting
process id: 0xcb8 Faulting application start time: 0x01cbb9f2fca52b4a Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 3d990e9d-25e6-11e0-81f1-00248cbab820

Error - 1/22/2011 1:15:34 AM | Computer Name = Hermes | Source = Windows Search Service | ID = 1019
Description =

Error - 1/22/2011 1:18:42 AM | Computer Name = Hermes | Source = Application Error | ID = 1000
Description = Faulting application name: Microsoft .NET Framework 3.6 SP8.exe, version:
0.0.0.0, time stamp: 0x4d2cba9a Faulting module name: unknown, version: 0.0.0.0,
time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00326572 Faulting
process id: 0x9d4 Faulting application start time: 0x01cbb9f3d4f2a10d Faulting application
path: C:\Program Files (x86)\Microsoft .NET Framework 3.6 SP8.exe Faulting module
path: unknown Report Id: 138458ce-25e7-11e0-b4da-00248cbab820

[ System Events ]
Error - 1/22/2011 1:10:59 AM | Computer Name = Hermes | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Partizan

Error - 1/22/2011 1:11:02 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/22/2011 1:11:02 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/22/2011 1:11:19 AM | Computer Name = Hermes | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\regguard.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 1/22/2011 1:11:57 AM | Computer Name = Hermes | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\SysWow64\Drivers\regguard.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 1/22/2011 1:18:26 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/22/2011 1:18:26 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/22/2011 1:18:27 AM | Computer Name = Hermes | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Partizan

Error - 1/22/2011 1:18:30 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 1/22/2011 1:18:30 AM | Computer Name = Hermes | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP