PC keeps hanging



#1
ccjjxx

Hi all, I've encountered some problems with my computer and would need your help in solving them.

Problems:
Computer hangs at startup screens almost every time. Rebooting does not solve the problem.
It also hangs occasionally at random times of usage, such as when I plug in my iPod to sync my music, or when I edit folder properties. Hanging seems to be random though.

Other than hanging, it does not lag at all.

I'm running in safe mode now; I can't even turn on the computer without it hanging after many, many tries.

OTL logfile created on: 1/23/2011 7:39:22 PM - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = E:\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 77.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 87.89 Gb Total Space | 51.05 Gb Free Space | 58.08% Space Free | Partition Type: NTFS
Drive D: | 107.42 Gb Total Space | 67.37 Gb Free Space | 62.71% Space Free | Partition Type: NTFS
Drive E: | 252.41 Gb Total Space | 59.27 Gb Free Space | 23.48% Space Free | Partition Type: NTFS

Computer Name: JIEXUANPC | User Name: Jiexuan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/23 19:39:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
PRC - [2010/12/22 19:03:31 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/22 19:03:30 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/01 21:43:22 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/03/01 21:43:22 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/10/19 21:48:57 | 000,640,760 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe
PRC - [2009/04/11 14:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/01/23 19:39:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Downloads\OTL.exe
MOD - [2010/08/31 23:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/13 16:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/01 21:43:22 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/12 10:02:37 | 003,414,068 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/09/25 09:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- D:\Program Files\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/01/17 21:17:51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/06/05 04:14:32 | 000,066,824 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe -- (OKAV Agent Service)
SRV - [2008/01/21 10:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/18 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/12 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2007/01/05 11:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2011/01/13 16:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 16:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 16:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 16:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 16:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/01/02 20:47:58 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf001.sys -- (apf001)
DRV - [2010/07/17 21:47:00 | 000,024,576 | ---- | M] (HTC1124 Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/12/11 23:19:18 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\rakion.sys -- (rak)
DRV - [2009/10/19 21:49:19 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/10/13 17:50:00 | 000,133,632 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys -- (Mkd2kfNt)
DRV - [2009/07/13 17:37:00 | 000,079,360 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV - [2009/07/09 15:41:30 | 000,077,312 | ---- | M] (© Everstrike Software) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\LFSys.sys -- (LFSys)
DRV - [2009/04/11 12:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/28 17:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/05/20 18:01:00 | 002,143,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/03 12:56:00 | 007,444,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/02/15 04:01:24 | 000,013,680 | ---- | M] (Nicomsoft Ltd.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\DDCDrv.sys -- (WinI2C-DDC)
DRV - [2008/01/21 10:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 10:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 10:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 10:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 10:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 10:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 10:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 10:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 10:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 10:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 10:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 10:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 10:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 10:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 10:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 10:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 10:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 10:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 10:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 10:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 10:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 10:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 10:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/22 10:31:40 | 000,266,880 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMC410.sys -- (VMC410)
DRV - [2007/08/07 08:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/04/18 12:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007/04/03 13:59:42 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV - [2007/04/03 13:59:42 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616obex.sys -- (s616obex)
DRV - [2007/04/03 13:59:42 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616nd5.sys -- (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS)
DRV - [2007/04/03 13:59:40 | 000,100,360 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 13:59:38 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdm.sys -- (s616mdm)
DRV - [2007/04/03 13:59:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdfl.sys -- (s616mdfl)
DRV - [2007/04/03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2007/03/10 09:04:42 | 000,031,072 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2007/01/31 01:01:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dr71WU.sys -- (RT73)
DRV - [2007/01/08 11:53:12 | 000,020,672 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LFXACT.sys -- (LFXACT)
DRV - [2007/01/08 11:52:32 | 000,031,879 | ---- | M] (OEM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\XMLDIUSB.sys -- (XMLDIUSB)
DRV - [2007/01/06 22:05:42 | 000,199,680 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187.sys -- (RTL8187)
DRV - [2006/11/02 17:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 17:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 17:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 17:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 17:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 17:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 17:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 17:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 17:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 17:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 17:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 16:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 16:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 16:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 16:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 16:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 16:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 15:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 15:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2001/07/13 13:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SBKUPNT.SYS -- (SBKUPNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.skip-sear...fg=2-82-0-1DvD8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://lenovo.live.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {b800be35-8e12-422f-9967-8176bbb4e828} - D:\Program Files\MouseHunt Toolbar\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.xenoncore.net:3128

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.hwachong.edu.sg/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {c33c5b47-69c8-45a4-a5e0-af85bbe628dd}:1.6.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.0.736
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.95.20100933
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.0
FF - prefs.js..extensions.enabledItems: {43c35458-c907-439b-bcfd-07d373834689}:2.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "proxy.xenoncore.net"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 23:15:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/27 22:14:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/27 22:14:58 | 000,000,000 | ---D | M]

[2009/05/31 10:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Extensions
[2009/05/31 10:51:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2009/04/28 21:39:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/01/23 10:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions
[2010/04/29 19:51:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/11 23:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{43c35458-c907-439b-bcfd-07d373834689}
[2010/11/17 11:09:12 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/11/28 21:13:48 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011/01/12 16:55:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/16 09:58:59 | 000,000,000 | ---D | M] (Interclue) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}
[2010/12/24 09:16:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/23 10:23:19 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/07/28 18:21:56 | 000,000,000 | ---D | M] (Xoopit for Gmail) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\{fc76dc89-03b7-47fe-ab1d-b317b062bba8}
[2010/11/24 07:45:38 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\[email protected]
[2010/09/13 00:45:59 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\[email protected]
[2011/01/17 17:23:53 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\extensions\SkipScreen@SkipScreen
[2010/08/04 11:38:24 | 000,001,749 | ---- | M] () -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\searchplugins\ask.uk.xml
[2010/11/12 07:41:07 | 000,001,498 | ---- | M] () -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\searchplugins\saveswatts.xml
[2010/01/26 11:28:26 | 000,001,741 | ---- | M] () -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\searchplugins\search-the-web.xml
[2009/12/30 00:36:33 | 000,001,546 | ---- | M] () -- C:\Users\Jiexuan\AppData\Roaming\Mozilla\Firefox\Profiles\dj54dou7.default\searchplugins\thesaurus---referencecom.xml
[2011/01/22 23:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/17 20:44:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/10 23:04:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/08 00:04:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/12/28 12:41:18 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/03/06 23:15:26 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/08/24 17:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Freecause Toolbar BHO) - {91B53B55-36CE-4ABE-A248-F97D6D9F0CFF} - D:\Program Files\MouseHunt Toolbar\Toolbar.dll ()
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MouseHunt Toolbar) - {89F74AE6-CC04-4740-9A19-EEE1DCD2861B} - D:\Program Files\MouseHunt Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (MouseHunt Toolbar) - {89F74AE6-CC04-4740-9A19-EEE1DCD2861B} - D:\Program Files\MouseHunt Toolbar\Toolbar.dll ()
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\Healthcare\HealthCare.exe (skyware)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [LenovoTray] C:\Windows\LenovoTray.exe (Lenovo)
O4 - HKLM..\Run: [LFService] D:\Program Files\Lock Folder XP\LFService.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SetDefaultSCR] C:\Program Files\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe (Lenovo)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RMTray.exe (PC Tools)
O4 - Startup: C:\Users\Jiexuan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jiexuan\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 00 00 00 02 [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jiexuan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jiexuan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{32817554-ee3a-11de-b8f3-00219731dced}\Shell\AutoRun\command - "" = M:\Seagate\Installer\InstallSeagateManager.exe
O33 - MountPoints2\{32817554-ee3a-11de-b8f3-00219731dced}\Shell\Install\command - "" = M:\Seagate\Installer\InstallSeagateManager.exe
O33 - MountPoints2\{508ba03e-1135-11de-b089-00219731dced}\Shell\AutoRun\command - "" = M:\WDSetup.exe
O33 - MountPoints2\{c4df1a44-1035-11de-bc9d-00219731dced}\Shell - "" = AutoRun
O33 - MountPoints2\{c4df1a44-1035-11de-bc9d-00219731dced}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{c810c214-c449-11dd-9358-00219731dced}\Shell - "" = AutoRun
O33 - MountPoints2\{c810c214-c449-11dd-9358-00219731dced}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{fd81dbbc-79e7-11df-a48c-00219731dced}\Shell\AutoRun\command - "" = H:\.\EncryptionTool\MaxtorEncryption.exe
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\.\EncryptionTool\MaxtorEncryption.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/01 17:30:26 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\AppData\Local\File Renamer Basic
[2011/01/01 17:30:21 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Renamer - Basic
[2010/12/27 22:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2010/12/27 22:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/27 22:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2010/12/27 22:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/26 09:44:32 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\Documents\My Photos
[2010/12/26 09:44:32 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\Documents\My Documents
[2010/12/26 09:43:32 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2010/12/26 09:43:16 | 000,000,000 | ---D | C] -- C:\Users\Jiexuan\AppData\Roaming\HTC
[2010/12/26 09:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jiexuan\Desktop\*.tmp files -> C:\Users\Jiexuan\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/23 19:36:00 | 000,236,544 | ---- | M] () -- C:\Users\Jiexuan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 18:23:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/23 18:20:47 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/23 18:15:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 18:15:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/23 17:39:03 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/23 11:37:41 | 000,107,534 | ---- | M] () -- C:\Users\Jiexuan\Desktop\cc_20110123_113730.reg
[2011/01/23 10:41:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-567642789-668631892-1033757332-1004UA.job
[2011/01/22 23:01:01 | 000,000,244 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2011/01/22 19:41:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-567642789-668631892-1033757332-1004Core.job
[2011/01/22 16:53:46 | 000,599,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/22 16:53:46 | 000,103,088 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/17 21:43:23 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/01/17 17:24:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/01/14 23:41:30 | 000,002,091 | ---- | M] () -- C:\Users\Jiexuan\Desktop\Google Chrome.lnk
[2011/01/14 23:41:30 | 000,002,053 | ---- | M] () -- C:\Users\Jiexuan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/01/13 16:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/01/13 16:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/01/13 16:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/01/13 16:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/01/13 16:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/01/13 16:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/01/13 16:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/01/07 10:43:08 | 000,000,162 | -H-- | M] () -- C:\Users\Jiexuan\Desktop\~$sues & Ideas reference.docx
[2011/01/07 10:38:10 | 000,000,162 | -H-- | M] () -- C:\Users\Jiexuan\Desktop\~$I&I jx.docx
[2011/01/07 10:38:09 | 000,000,162 | -H-- | M] () -- C:\Users\Jiexuan\Desktop\~$sues & Ideas.docx
[2011/01/02 20:47:58 | 000,012,920 | ---- | M] () -- C:\Windows\System32\apl001.sys
[2011/01/02 20:47:58 | 000,010,872 | ---- | M] () -- C:\Windows\System32\apf001.sys
[2011/01/01 17:30:24 | 000,121,347 | ---- | M] () -- C:\Windows\File Renamer - Basic Uninstaller.exe
[2010/12/26 09:42:12 | 000,000,971 | ---- | M] () -- C:\Users\Jiexuan\Application Data\Microsoft\Internet Explorer\Quick Launch\HTC Sync.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jiexuan\Desktop\*.tmp files -> C:\Users\Jiexuan\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/23 11:37:36 | 000,107,534 | ---- | C] () -- C:\Users\Jiexuan\Desktop\cc_20110123_113730.reg
[2011/01/07 10:43:08 | 000,000,162 | -H-- | C] () -- C:\Users\Jiexuan\Desktop\~$sues & Ideas reference.docx
[2011/01/07 10:38:10 | 000,000,162 | -H-- | C] () -- C:\Users\Jiexuan\Desktop\~$I&I jx.docx
[2011/01/07 10:38:09 | 000,000,162 | -H-- | C] () -- C:\Users\Jiexuan\Desktop\~$sues & Ideas.docx
[2011/01/01 17:30:21 | 000,121,347 | ---- | C] () -- C:\Windows\File Renamer - Basic Uninstaller.exe
[2010/12/26 09:42:12 | 000,000,971 | ---- | C] () -- C:\Users\Jiexuan\Application Data\Microsoft\Internet Explorer\Quick Launch\HTC Sync.lnk
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/10/11 00:55:28 | 000,012,920 | ---- | C] () -- C:\Windows\System32\apl001.sys
[2010/10/11 00:55:28 | 000,010,872 | ---- | C] () -- C:\Windows\System32\apf001.sys
[2010/09/05 18:32:45 | 000,014,976 | ---- | C] () -- C:\Windows\System32\drivers\SBKUPNT.SYS
[2010/09/05 18:32:37 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI
[2010/09/04 22:55:04 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/05/30 03:04:58 | 000,092,160 | ---- | C] () -- C:\Windows\System32\lua5.1a.dll
[2010/02/28 16:54:14 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2009/12/29 23:03:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\msexcr.ini
[2009/12/03 22:05:12 | 000,060,928 | ---- | C] () -- C:\Windows\System32\rakion.sys
[2009/09/10 23:53:25 | 000,065,536 | ---- | C] () -- C:\Windows\System32\LoadAudFlt.dll
[2009/09/10 23:53:25 | 000,000,223 | ---- | C] () -- C:\Windows\System32\VMAInit.ini
[2009/08/01 10:49:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/31 09:58:42 | 000,000,314 | ---- | C] () -- C:\Windows\primopdf.ini
[2009/05/24 18:07:17 | 000,000,063 | ---- | C] () -- C:\Users\Jiexuan\AppData\Roaming\sub.txt
[2009/04/10 23:43:47 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2009/04/10 23:43:47 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2009/03/29 09:35:31 | 000,000,680 | ---- | C] () -- C:\Users\Jiexuan\AppData\Local\d3d9caps.dat
[2009/02/23 01:57:52 | 004,421,889 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/02/18 21:57:22 | 000,557,451 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/02/17 01:19:42 | 000,790,190 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/02/17 00:32:20 | 000,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/02/17 00:30:30 | 000,903,703 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/02/17 00:23:50 | 000,145,081 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/02/16 22:49:30 | 000,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/02/14 23:15:42 | 000,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/02/10 06:28:18 | 000,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/02/10 04:19:18 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/02/10 04:19:12 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/02/10 04:18:52 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/02/10 04:18:32 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/02/10 04:18:24 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/02/10 04:18:20 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/02/10 03:56:22 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/11 06:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/11 06:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/11 06:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/11 06:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/11 06:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/11 06:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/11 06:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/11 06:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/11 06:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/11 06:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/11 06:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/12/09 23:08:54 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/09 22:55:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\LFXPJL2K.DLL
[2008/12/07 23:02:20 | 000,236,544 | ---- | C] () -- C:\Users\Jiexuan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/04 17:41:02 | 000,509,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll
[2008/12/04 06:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/14 15:00:10 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll
[2008/11/14 15:00:10 | 000,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2008/11/14 15:00:10 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll
[2008/11/14 15:00:09 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll
[2008/11/14 15:00:09 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll
[2008/11/14 15:00:09 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2008/11/14 15:00:09 | 001,159,168 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2008/11/14 15:00:09 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll
[2008/11/14 15:00:09 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll
[2008/11/14 15:00:09 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll
[2008/11/14 15:00:09 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll
[2008/11/14 15:00:09 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll
[2008/11/14 15:00:09 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2008/11/14 15:00:09 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2008/11/14 15:00:09 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll
[2008/11/14 15:00:09 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2008/11/14 15:00:08 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll
[2008/11/07 00:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/10/13 17:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007/07/30 06:26:00 | 000,011,264 | ---- | C] () -- C:\Windows\System32\LFXCOINS.DLL
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/10/30 21:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\BitComet
[2010/08/15 00:49:02 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Broad Intelligence
[2010/06/06 21:46:06 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/08/29 08:57:58 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\DMCache
[2011/01/23 18:20:52 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Dropbox
[2009/07/05 19:13:33 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Easy Macro Recorder
[2010/10/20 19:26:28 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Epson
[2010/04/03 01:12:42 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Facebook
[2009/12/30 22:43:20 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\FileZilla
[2009/11/21 19:56:34 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\FMA
[2008/12/08 00:15:06 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Garritan
[2009/01/23 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\GetRightToGo
[2009/05/23 21:37:43 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\GrabPro
[2010/12/26 09:43:24 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\HTC
[2010/12/26 09:43:32 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2009/09/04 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\InfraRecorder
[2009/02/22 12:43:19 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\InterVideo
[2009/12/21 23:42:49 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Leadertech
[2009/05/12 21:14:08 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\LimeWire
[2010/02/27 23:49:04 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Molecular Workbench
[2009/03/30 19:19:33 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\NCH Swift Sound
[2008/12/07 23:49:15 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Nitro PDF
[2009/11/09 16:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Orbit
[2010/12/05 11:55:11 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\PrimoPDF
[2010/08/07 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Publish Providers
[2010/05/29 00:12:27 | 000,000,000 | RHSD | M] -- C:\Users\Jiexuan\AppData\Roaming\recyclerr
[2009/12/02 19:15:17 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Red Kawa
[2010/08/12 23:38:49 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Sony
[2010/06/06 21:45:32 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/07/17 21:49:22 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\Teleca
[2010/09/13 23:28:30 | 000,000,000 | ---D | M] -- C:\Users\Jiexuan\AppData\Roaming\YouSendIt
[2011/01/17 21:43:23 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/01/22 23:01:01 | 000,000,244 | ---- | M] () -- C:\Windows\Tasks\Epson Printer Software Downloader.job
[2011/01/23 11:40:41 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/10/20 22:22:11 | 000,000,000 | ---D | M](C:\Users\Jiexuan\Documents\?? ???) -- C:\Users\Jiexuan\Documents\넥슨 플러그
[2010/10/20 22:22:11 | 000,000,000 | ---D | C](C:\Users\Jiexuan\Documents\?? ???) -- C:\Users\Jiexuan\Documents\넥슨 플러그
[2010/10/03 22:34:42 | 000,080,384 | ---- | M] ()(C:\Users\Jiexuan\Documents\?? 2.doc) -- C:\Users\Jiexuan\Documents\文档 2.doc
[2010/10/03 22:34:42 | 000,080,384 | ---- | C] ()(C:\Users\Jiexuan\Documents\?? 2.doc) -- C:\Users\Jiexuan\Documents\文档 2.doc

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >


Thanks for your help!

Edited by ccjjxx, 23 January 2011 - 06:02 AM.


#2
ccjjxx

  • Topic Starter
Okay, I've run Avast and MalwareBytes in safe mode but both did not detect anything.
Hope there's someone out there that can help!