[apong1208]

hello, my computer is very slow and there are redirects of my search results. My OTL logs is shown. If someone can help me it would be great. Thx.


OTL logfile created on: 7/10/2011 3:34:41 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Derek\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.08% Memory free
6.21 Gb Paging File | 5.31 Gb Available in Paging File | 85.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.75 Gb Total Space | 31.41 Gb Free Space | 13.49% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.12 Mb Free Space | 70.12% Space Free | Partition Type: NTFS

Computer Name: DEREK-PC | User Name: Derek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/10 15:34:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Derek\Desktop\OTL.exe
PRC - [2011/05/15 12:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/05/10 05:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/10 15:34:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Derek\Desktop\OTL.exe
MOD - [2011/05/10 05:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Apache2.2)
SRV - [2011/06/16 15:28:39 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/05/10 05:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/31 08:39:54 | 008,133,120 | -H-- | M] () [Disabled | Stopped] -- c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe -- (wampmysqld)
SRV - [2010/12/31 08:39:42 | 000,020,549 | -H-- | M] (Apache Software Foundation) [Disabled | Stopped] -- c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe -- (wampapache)
SRV - [2010/03/18 11:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/19 14:37:14 | 000,517,096 | -H-- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/10 05:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 05:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 05:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 04:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 04:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 04:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/06/02 12:44:02 | 000,018,424 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2007/06/07 00:21:32 | 000,111,616 | -H-- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Ringz Studio\Storm Codec\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Ringz Studio\Storm Codec\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Derek\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\Firefox [2010/03/07 19:49:58 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/13 23:23:09 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2011/03/13 18:21:27 | 000,000,786 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebThunder Browser Helper) - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll (Thunder Networking Technologies,LTD)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MajiToolbar) - {DF76A633-1E37-4A16-A943-0938402FFA8B} - C:\Program Files\MyMaji\MajiToolbar\majitoolbar.dll (MyMaji.com Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EfficientCalendar] File not found
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk = File not found
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Foxy ?? - C:\Program Files\Foxy\Foxy.exe (Foxy, Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: 雄厙珜捃濘 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - File not found
O9 - Extra 'Tools' menuitem : 雄厙珜捃濘 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} http://sample3.dmm.c...MDownloader.cab (DMM Downloader)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Derek\Downloads\五十音.jpg
O24 - Desktop BackupWallPaper: C:\Users\Derek\Downloads\五十音.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{018bf60f-2f9e-11df-9e98-0023ae0a31fb}\Shell\AutoRun\command - "" = C:\Windows\System32\setupSNK.exe -- [2008/01/20 19:32:58 | 000,013,312 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{6f77205b-6c69-11df-af72-0023ae0a31fb}\Shell\AutoRun\command - "" = H:\bootcd\wintools\autorun.exe
O33 - MountPoints2\{6f77205b-6c69-11df-af72-0023ae0a31fb}\Shell\Option1\Command - "" = H:\bootcd\wintools\autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/10 15:33:57 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Derek\Desktop\OTL.exe
[2011/06/16 15:54:28 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\WinPatrol
[2011/06/16 15:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2011/06/16 15:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/06/16 15:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/06/16 15:44:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 15:37:05 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B448E35D-2C67-4D13-A39D-8B92C846D37A}.job
[2011/07/10 15:34:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Derek\Desktop\OTL.exe
[2011/07/10 15:25:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/10 15:25:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/10 15:25:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/10 15:25:25 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/16 15:54:40 | 000,000,908 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1957678625-1605181781-3776461308-1000UA.job
[2011/06/16 15:54:20 | 000,002,042 | -H-- | M] () -- C:\Users\Derek\Desktop\Google Chrome.lnk
[2011/06/16 15:54:20 | 000,002,004 | ---- | M] () -- C:\Users\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/16 15:45:51 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/16 15:45:51 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/04/04 14:06:12 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~43835144r
[2011/04/04 14:06:12 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~43835144
[2011/04/04 14:06:03 | 000,000,336 | -H-- | C] () -- C:\ProgramData\43835144
[2011/02/14 22:55:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/02/14 22:53:52 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/02/14 22:53:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/12/19 10:54:49 | 000,153,600 | -H-- | C] () -- C:\Windows\System32\WSContextMenu.dll
[2010/10/27 22:10:27 | 000,001,456 | ---- | C] () -- C:\Users\Derek\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/09/21 14:33:47 | 000,000,376 | -H-- | C] () -- C:\Windows\ODBC.INI
[2010/08/29 22:55:10 | 000,169,724 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/08/03 23:14:23 | 000,018,760 | -H-- | C] () -- C:\Windows\System32\QQVistaHelper.dll
[2010/06/21 17:42:13 | 000,022,942 | -H-- | C] () -- C:\Windows\System32\cid_store.dat
[2010/06/21 17:41:39 | 000,000,020 | -H-- | C] () -- C:\Windows\System32\pub_store.dat
[2010/05/09 12:23:36 | 000,190,464 | ---- | C] () -- C:\Users\Derek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/04 17:18:44 | 000,000,000 | -H-- | C] () -- C:\Windows\EEventManager.INI
[2010/03/07 22:46:02 | 000,126,976 | -H-- | C] () -- C:\Windows\System32\EEBAPI.dll
[2010/03/07 22:46:02 | 000,094,208 | -H-- | C] () -- C:\Windows\System32\EEBDSCVR.dll
[2010/03/07 22:46:02 | 000,049,152 | -H-- | C] () -- C:\Windows\System32\EBAPI.dll
[2010/03/07 22:11:40 | 000,073,220 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/03/07 22:11:40 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/03/07 22:11:40 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/03/07 22:11:40 | 000,021,021 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/03/07 22:11:40 | 000,015,670 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/03/07 22:11:40 | 000,013,280 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/03/07 22:11:40 | 000,010,673 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/03/07 22:11:40 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/03/07 22:11:40 | 000,001,140 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/03/07 22:11:40 | 000,001,140 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/03/07 22:11:40 | 000,001,137 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/03/07 22:11:40 | 000,001,130 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/03/07 22:11:40 | 000,001,130 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/03/07 22:11:40 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/03/07 22:11:40 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/03/07 22:11:39 | 000,029,114 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/03/07 22:10:52 | 000,000,079 | -H-- | C] () -- C:\Windows\EPWF600.ini
[2010/03/07 12:09:52 | 000,055,808 | -H-- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/03/07 12:09:52 | 000,024,064 | -H-- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2010/03/07 12:03:15 | 000,004,608 | -H-- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2010/03/07 12:03:14 | 001,953,696 | -H-- | C] () -- C:\Windows\System32\igklg400.dll
[2010/03/07 12:03:14 | 001,533,360 | -H-- | C] () -- C:\Windows\System32\igklg450.dll
[2010/03/07 12:03:14 | 000,147,456 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2010/03/07 12:03:14 | 000,104,636 | -H-- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2010/03/07 11:54:25 | 000,000,680 | ---- | C] () -- C:\Users\Derek\AppData\Local\d3d9caps.dat
[2008/01/20 19:32:58 | 000,070,144 | ---- | C] () -- C:\Windows\System32\wzcdlg.dll
[2006/11/02 05:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:44:53 | 003,729,720 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 03:33:01 | 000,590,082 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,102,094 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/31 23:54:30 | 000,180,224 | -H-- | C] () -- C:\Windows\System32\xvidvfw.dll
[2006/10/31 23:52:38 | 000,765,952 | -H-- | C] () -- C:\Windows\System32\xvidcore.dll
[2006/05/26 06:29:14 | 000,005,120 | -H-- | C] () -- C:\Windows\System32\ff_vfw.dll
[2003/05/14 23:39:50 | 000,155,136 | -H-- | C] () -- C:\Windows\System32\unrar.dll
[2002/05/14 21:58:38 | 000,122,880 | -H-- | C] () -- C:\Windows\System32\v2k2_dec.dll

========== LOP Check ==========

[2010/09/09 01:06:53 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\AnvSoft
[2010/06/06 20:05:20 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Azureus
[2011/03/20 23:28:01 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/27 21:17:50 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\com.adobe.TrialDownloader
[2010/10/06 21:33:26 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Efficient Calendar
[2010/04/04 15:06:54 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Epson
[2010/03/07 20:02:02 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Foxy
[2010/05/09 22:11:00 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\GNU Solfege
[2010/03/07 22:24:44 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Leadertech
[2010/12/01 00:07:31 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/08/29 22:45:36 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Tencent
[2010/03/07 12:15:29 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\TMP
[2011/06/16 15:54:28 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\WinPatrol
[2010/10/25 02:24:29 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\winstron
[2011/06/16 15:56:49 | 000,032,552 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/10 15:37:05 | 000,000,392 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B448E35D-2C67-4D13-A39D-8B92C846D37A}.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/02/28 01:14:23 | 000,015,922 | ---- | M] ()(C:\Users\Derek\Desktop\????.docx) -- C:\Users\Derek\Desktop\にんほご.docx
[2011/02/28 00:52:48 | 000,015,922 | ---- | C] ()(C:\Users\Derek\Desktop\????.docx) -- C:\Users\Derek\Desktop\にんほご.docx
[2010/06/22 17:48:07 | 000,191,087 | -H-- | C] ()(C:\Users\Derek\Documents\?E?i.torrent) -- C:\Users\Derek\Documents\»È»î.torrent
[2010/06/21 20:20:09 | 000,191,087 | -H-- | M] ()(C:\Users\Derek\Documents\?E?i.torrent) -- C:\Users\Derek\Documents\»È»î.torrent

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:502D809E

< End of report >

OTL Extras logfile created on: 7/10/2011 3:34:41 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Derek\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.08% Memory free
6.21 Gb Paging File | 5.31 Gb Available in Paging File | 85.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.75 Gb Total Space | 31.41 Gb Free Space | 13.49% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.12 Mb Free Space | 70.12% Space Free | Partition Type: NTFS

Computer Name: DEREK-PC | User Name: Derek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0625DCED-5151-48FC-AEF6-2EFA421CB2F3}" = lport=8065 | protocol=6 | dir=in | name=foxy (192.168.1.4:8065) 8065 tcp |
"{06D829EC-F27F-4215-ADE1-87F5EBC4BE3F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1E5BFEB0-5AF5-4264-A7A1-B3C713F2D0DD}" = lport=49165 | protocol=6 | dir=in | name=akamai netsession interface |
"{30E688B3-FD15-4D58-8BCD-47E21F8888F6}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{3AFDE6C9-6677-4E34-9A30-FC2A7F98225E}" = lport=8065 | protocol=17 | dir=in | name=foxy (192.168.1.4:8065) 8065 udp |
"{41AA3A7C-6F4E-47E8-8C0F-4B71ED7C8294}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{7C74AAE9-A419-46AD-93AA-308F38C5C1EE}" = lport=2869 | protocol=6 | dir=in | name=upnp framework (192.168.1.2:2869) 2869 tcp |
"{7FCFE775-6C29-44B3-A7F2-EDDB4AD1E7C4}" = lport=20608 | protocol=17 | dir=in | name=foxy (192.168.1.2:20608) 20608 udp |
"{83FE3C27-BAB8-48F5-B21E-EE652B5672BF}" = lport=20608 | protocol=6 | dir=in | name=foxy (192.168.1.2:20608) 20608 tcp |
"{88C6DE08-9162-4C77-B0E0-DFE2F88978EF}" = lport=3495 | protocol=6 | dir=in | name=foxy (192.168.1.5:3495) 3495 tcp |
"{9FF512A5-340E-4F79-864C-1AE54A8CF3C5}" = lport=3495 | protocol=17 | dir=in | name=foxy (192.168.1.5:3495) 3495 udp |
"{E6E04E31-DB80-45C3-A043-A533A9116C14}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F1CC5D1D-5DDA-4376-BBC1-05E3D5FECE86}" = lport=1900 | protocol=17 | dir=in | name=upnp framework (192.168.1.2:1900) 1900 udp |
"{F84593E3-5A44-4000-A4C6-E6D058016A27}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1325825F-6379-4F03-8704-0E6A79CB6BEF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{15192B42-31ED-45A9-946A-064890164547}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{18EA6631-3091-4A9A-95C7-08308390D7BC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1D472D73-FA50-4DAB-A8A4-CD07F9B29F44}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2D754B35-BB17-4724-B0B4-85665BA39862}" = protocol=6 | dir=in | app=c:\program files\thunder network\webthunder\thunderliveud.exe |
"{30CA237E-28C0-4E56-BE3D-C61A064C89F5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{34702519-0C36-4167-87F2-C1D3D3758CE9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{37552D4A-4C81-46A6-B51D-CC0B441A46B2}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{65B5D9B4-7678-4CB3-A565-E6EBE43BAEDE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9576E75B-5879-408B-B5F7-401D78B3EFD4}" = protocol=17 | dir=in | app=c:\program files\tencent\qq\bin\qq.exe |
"{9AE15165-CDAD-4CE5-8156-58FFFF33DFEC}" = protocol=6 | dir=in | app=c:\program files\tencent\qq\bin\qq.exe |
"{9B4BB77B-642F-4E97-BE11-7F78B210A44F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A448B3A4-917D-41BF-8155-6C4469000755}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BF35CFF8-40EC-495C-B4CE-CA203EB31D0F}" = protocol=17 | dir=in | app=c:\program files\thunder network\webthunder\webthunder.exe |
"{CE78D91D-AA8B-4928-80A2-268ABDCE0781}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D8D7F12A-6836-42AA-8FB2-3B0F0416D3BE}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{E094ACEA-9ECD-4800-801C-9F5C95121DA8}" = protocol=17 | dir=in | app=c:\users\derek\desktop\videoconverter_setup.exe |
"{EDFFB199-FAC4-497E-ADB4-DBD94548394B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EE659906-F07C-4EBC-8A18-C1211F037A56}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{FCAFC3B4-1115-42D4-AD85-ECA8926EBF80}" = protocol=6 | dir=in | app=c:\program files\thunder network\webthunder\webthunder.exe |
"{FCF04DC2-AE7D-48CC-B63B-69018DB4C6F0}" = protocol=6 | dir=in | app=c:\users\derek\desktop\videoconverter_setup.exe |
"{FEAEE82D-92B2-4899-A30C-CEAD06F83979}" = protocol=17 | dir=in | app=c:\program files\thunder network\webthunder\thunderliveud.exe |
"TCP Query User{60E41169-7BFF-4529-BE0B-066B32057FC1}E:\common\easyinstall\easyinstall.exe" = protocol=6 | dir=in | app=e:\common\easyinstall\easyinstall.exe |
"TCP Query User{6D109FC3-4427-43A5-AC52-4C5C7871DFDA}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe |
"TCP Query User{9D114346-D812-43C9-A4A9-623CA22FA2D6}C:\program files\qvodplayer\qvodterminal.exe" = protocol=6 | dir=in | app=c:\program files\qvodplayer\qvodterminal.exe |
"TCP Query User{EBF04022-7C82-425F-8F53-A9B982165204}C:\program files\foxy\foxy.exe" = protocol=6 | dir=in | app=c:\program files\foxy\foxy.exe |
"TCP Query User{EC77B6AB-7565-4A16-9C4A-B3E0FECB8426}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EF6072D3-C147-42AA-B44C-C8BDAE90BD3E}C:\program files\mamessenger\mamessenger.exe" = protocol=6 | dir=in | app=c:\program files\mamessenger\mamessenger.exe |
"UDP Query User{03FE6520-738C-472C-91C6-2DBB62CB1F75}C:\program files\mamessenger\mamessenger.exe" = protocol=17 | dir=in | app=c:\program files\mamessenger\mamessenger.exe |
"UDP Query User{713EFF06-4607-4204-8590-F9845E7693D4}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe |
"UDP Query User{83BDFF5B-EEB1-4CBC-A338-4D08086D81C2}C:\program files\foxy\foxy.exe" = protocol=17 | dir=in | app=c:\program files\foxy\foxy.exe |
"UDP Query User{97DBF83A-A011-4C3F-90EC-8B69D3CB6933}C:\program files\qvodplayer\qvodterminal.exe" = protocol=17 | dir=in | app=c:\program files\qvodplayer\qvodterminal.exe |
"UDP Query User{A320969C-2A48-481F-BF89-4288C8A86B61}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{ECC1E585-7D31-4B44-AD5D-D049782FEFC4}E:\common\easyinstall\easyinstall.exe" = protocol=17 | dir=in | app=e:\common\easyinstall\easyinstall.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{01818DDE-1A58-46CF-BB4C-D69C20AAB165}" = Bing Bar Platform
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochure
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}" = 騰訊QQ2009
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14CAE90A-7395-4DF6-93AD-14AF6E52922B}" = Adobe Flash Player 10 Plugin
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}" = EpsonNet Config V3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EFA68C8-CFFD-407F-8B17-7D7C61D2F93A}" = InstallIQ Updater
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{71B1913E-7702-436F-A225-6217A382118A}_is1" = 厙珜捃濘
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EF259F-1DC6-4DEE-866B-0707173D7654}" = Adobe Flash Builder 4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90280404-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEEB3643-71DE-414d-9E3F-1159177FE211}" = Office Animation Runtime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E3B199-DD29-72CB-237F-07E4D7A61925}" = Adobe Download Assistant
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2C29C93-171B-40CF-949E-B27E3E6F9EDE}" = Becker's CPA Exam Review and PassMaster - 2011 Edition
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F626E006-C06C-466A-B133-92C1991385CA}" = ArcSoft Print Creations
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aiseesoft DVD to iPhone Suite_is1" = Aiseesoft DVD to iPhone Suite
"Akamai" = Akamai NetSession Interface
"Any Video Converter_is1" = Any Video Converter 3.0.7
"avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.adobe.TrialDownloader" = Adobe Download Assistant
"Daniusoft Video Converter_is1" = Daniusoft Video Converter(Build 3.0.2.0)
"Efficient Calendar_is1" = Efficient Calendar 1.66
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 600 Series" = EPSON WorkForce 600 Series Printer Uninstall
"Foxy_is1" = Foxy v1.9.10
"GNU Solfege_is1" = GNU Solfege 3.16.2
"HDMI" = Intel® Graphics Media Accelerator Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"maMessenger 2.6.20.0" = maMessenger 2.6.20.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Office14.SingleImage" = Microsoft Office Professional 2010
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"RER Video Converter_is1" = RER Video Converter
"ST6UNST #1" = Pitch Train
"Storm Codec 5" = Storm Codec
"TinyMediaConverter" = TinyMediaConverter 1.0.0.0
"WampServer 2_is1" = WampServer 2.1
"WebThunder" = 厙珜捃濘2009
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinstronToolbar" = 麻吉工具列
"邧弝荌埏" = 邧弝荌埏 - 蟯伎辦畦畦溫

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/16/2011 6:28:41 PM | Computer Name = Derek-PC | Source = Application Error | ID = 1000
Description = Faulting application SZServer.exe, version 5.0.91.6, time stamp 0x4de94410,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00000000, process id 0x4c4, application start time 0x01cc2c74af3840df.

Error - 6/16/2011 6:29:45 PM | Computer Name = Derek-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/16/2011 6:30:23 PM | Computer Name = Derek-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x00000000, process id 0xf90, application start time
0x01cc2c74cfba7e60.

Error - 6/16/2011 6:40:11 PM | Computer Name = Derek-PC | Source = Application Error | ID = 1000
Description = Faulting application SZServer.exe, version 5.0.91.6, time stamp 0x4de94410,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00000000, process id 0x4c0, application start time 0x01cc2c764a268d9a.

Error - 6/16/2011 6:41:24 PM | Computer Name = Derek-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/16/2011 6:44:25 PM | Computer Name = Derek-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 6/16/2011 6:48:58 PM | Computer Name = Derek-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/16/2011 6:59:09 PM | Computer Name = Derek-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/16/2011 6:59:13 PM | Computer Name = Derek-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module mshtml.dll, version 8.0.6001.19019, time stamp 0x4d0c53b1,
exception code 0xc0000096, fault offset 0x00001136, process id 0xcac, application
start time 0x01cc2c78d9ba216b.

Error - 7/10/2011 6:26:48 PM | Computer Name = Derek-PC | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 6/6/2011 12:31:27 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 21:31:27, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 12:31:27 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 21:31:27, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:00:02 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:00:02, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:00:02 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:00:02, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:30:33 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:30:33, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:30:33 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:30:33, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:44:09 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:44:09, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 1:44:09 AM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 22:44:09, Sun, Jun 05, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 7:35:13 PM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 16:35:13, Mon, Jun 06, 11 Error - User "" does not have administrative
privileges on this system

Error - 6/6/2011 7:35:13 PM | Computer Name = Derek-PC | Source = WLAN-Tray | ID = 0
Description = 16:35:13, Mon, Jun 06, 11 Error - User "" does not have administrative
privileges on this system

[ System Events ]
Error - 6/16/2011 6:45:54 PM | Computer Name = Derek-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/16/2011 6:45:54 PM | Computer Name = Derek-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/16/2011 6:45:54 PM | Computer Name = Derek-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 6/16/2011 6:48:58 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/16/2011 6:48:58 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/16/2011 6:59:09 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/16/2011 6:59:09 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/10/2011 6:25:29 PM | Computer Name = Derek-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 下午 04:10:25 on 2011/6/16 was unexpected.

Error - 7/10/2011 6:26:49 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/10/2011 6:26:49 PM | Computer Name = Derek-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

[Advertisements]

Hi there sorry for the delay - I will need a fresh look at your system please

Download aswMBR.exe ( 1.8mb ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


THEN

• Run OTL.
• Select All Users
• Under the Custom Scan box paste this in
  
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  %systemroot%\*. /mp /s
  hklm\software\clients\startmenuinternet|command /rs
  CREATERESTOREPOINT
  
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

[Essexboy]

Hi there sorry for the delay - I will need a fresh look at your system please

Download aswMBR.exe ( 1.8mb ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan click save log, save it to your desktop and post in your next reply


THEN

• Run OTL.
• Select All Users
• Under the Custom Scan box paste this in
  
  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  %systemroot%\*. /mp /s
  hklm\software\clients\startmenuinternet|command /rs
  CREATERESTOREPOINT
  
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

[apong1208]

The problem has taken a turn for the worse this morning. When I turn on the computer, it wont boot and gives a BSOD. It is the same thing in safe mode. Right before the Blue screen, it is trying to open crcdisk.sys. Please tell me what I should do. Thanks.

[Essexboy]

OK no problem we have the technology

Please print these instruction out so that you know what you are doing

Latest version: v3.1.46.0

OTLPENet.exe
MD5=79209302A1AFB2490808DB890A815CED
Size: 127,222,215b / 121.3MB

• Download the attached scan.txt to a USB drive [attachment=51342:scan.txt]
• Download OTLPENet.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  
• Reboot the poorly system using the boot CD you just created.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
  
  
• Your system should now display a Reatogo desktop.
  Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Double click the Custom scans and fixes box
• In the dialogue locate the scan.txt you have on the USB
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

[apong1208]

hello, I have one more problem, my cd-rom is broken. Is there someway to boot it from another device? Thx

[Essexboy]

How about a USB drive

IMPORTANT:
You will need a flash drive with a size of 512 Mb or bigger. Make sure that you do not leave anything important on the flash drive, as all data on it will be deleted during the following steps.

• 
  
  • Download OTLPEStd.exe from the following link and save it to your Desktop: mirror1.
    
  • Download eeepcfr.zip from the following link and save it to your Desktop: the mirror
    
  • Finally, if you do not have a file archiver like 7-zip or Winrar installed, please download 7-zip from the following link and install it: the mirror
• Once you have 7-zip install, decompress OTLPEStd.exe by rightclicking on the folder and choosing the options shown in the picture below. Please use a dedicated folder, for example OTLPE, on your Desktop
  
  
  
  
• Open the folder OTLPEStd which will be created in the same location as OTLPEStd.exe and right-click OTLPE_New_Std.iso. Select 7-Zip and from the submenu select Extract files... and extract the content onto your Desktop in a OTLPE folder:
  
  
  
  
• Please also decompress eeepcfr to your systemroot (usually C:\).
  
• Empty the flash drive you want to install OTLPE on.
  
• Go to C:\eeecpfr and double-click usb_prep8.cmd to launch it.
  
• Press any key when asked to in the black window that opens.
  
• As indicated in the image, make sure you have selected the correct flash drive, before proceeding.
  For Drive Label: type in OTLPE.
  Under Source Path to built BartPE/WinPE Files click ... and select the folder OTLPE that you created on your Desktop.
  Finally check Enable File Copy.
  
  
  
  
  
• Click on Start, accept the disclaimers and wait for the program to finish.

Your bootable flash drive should now be ready!

[apong1208]

Hello, I have problem when I launch usb_prep8.cmd. The software do not detect my USB Flash drive. Is it because my Flash drive is FAT 32 format? So I must FAT 16 format Flash drive? Thank you

[Essexboy]

Yes ensure the Enable LBA (fat 16 ) is checked

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.