Rundll32 Error


RyanMcDonald

Hello, as I browse in Google Chrome, every 10 minutes I get a pop-up saying my rundll32 has stopped working. I just click OK and go on as if nothing happened, and it doesn't seem to affect anything, other than me getting annoyed at the pop-up always showing... Any help would be amazing. I looked everywhere online and found your site and registered to get a solution to this problem.

Please find my OTL Logs attached.

OTL logfile created on: 12/9/2011 4:44:33 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Ryan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 50.80% Memory free
7.50 Gb Paging File | 5.69 Gb Available in Paging File | 75.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 913.84 Gb Total Space | 715.00 Gb Free Space | 78.24% Space Free | Partition Type: NTFS
Drive D: | 379.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: RAOUL | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/09 16:41:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan\Downloads\OTL.exe
PRC - [2011/11/14 22:50:22 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011/08/31 04:59:14 | 000,274,216 | ---- | M] (Conduit Ltd.) -- C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/31 15:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/01/26 19:48:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/01/18 20:08:08 | 000,620,136 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2009/04/07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/14 12:25:39 | 000,424,504 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\ppgooglenaclpluginchrome.dll
MOD - [2011/11/14 12:25:38 | 003,767,864 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\pdf.dll
MOD - [2011/11/14 12:24:03 | 000,122,952 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\avutil-51.dll
MOD - [2011/11/14 12:24:01 | 000,222,280 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\avformat-53.dll
MOD - [2011/11/14 12:24:00 | 001,746,504 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\avcodec-53.dll
MOD - [2011/11/14 09:11:29 | 008,593,056 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\gcswf32.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/01/18 20:08:08 | 000,620,136 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2009/04/07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MOD - [2009/02/14 04:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/15 12:30:22 | 000,062,512 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2011/11/15 12:30:03 | 001,936,040 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV:64bit: - [2011/10/27 08:49:58 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/01/31 15:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2009/08/10 18:01:06 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2009/08/10 18:01:04 | 000,626,208 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/12/07 12:11:16 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/26 19:48:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/02 10:11:14 | 000,543,528 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2011/12/02 10:11:13 | 000,685,192 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2011/12/02 10:11:13 | 000,258,736 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/11/22 07:30:31 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/11/14 22:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/11/04 12:06:01 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/11/01 12:03:41 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2011/10/20 07:34:49 | 000,079,952 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox)
DRV:64bit: - [2011/04/14 13:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/03/24 14:36:22 | 000,431,176 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 17:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/08/12 11:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/08/10 22:40:06 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/01/19 18:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/09 14:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2010/10/12 16:36:20 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0.10.1959
FF - prefs.js..extensions.enabledItems: [email protected]:1.9.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.9.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6.1959
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6.1985
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.21.1959
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.9.1959
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.9.1959
FF - prefs.js..extensions.enabledItems: {7fea29e4-d5c5-41d1-983f-7c8d2b8a612f}:2.3.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.7
FF - prefs.js..extensions.enabledItems: [email protected]:0.4.1.3
FF - prefs.js..extensions.enabledItems: {6039188e-d135-11df-bcc9-c7e1ded72085}:1.2.10

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_121.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_121.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/20 23:39:44 | 000,000,000 | ---D | M]

[2011/10/30 15:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan\AppData\Roaming\Mozilla\Extensions
[2011/10/30 15:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/11/16 18:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/29 09:05:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\[email protected]
[2011/10/30 16:17:54 | 000,000,000 | ---D | M] ("MLyrics") -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\{6039188E-D135-11DF-BCC9-C7E1DED72085}
[2011/10/30 16:17:57 | 000,000,000 | ---D | M] (Glossy Coat 2) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\{7FEA29E4-D5C5-41D1-983F-7C8D2B8A612F}
[2011/10/30 16:17:54 | 000,000,000 | ---D | M] (BirdTune) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 15:59:04 | 000,000,000 | ---D | M] (CD Rip Support) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 16:17:54 | 000,000,000 | ---D | M] (MorningPeeps) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 15:59:04 | 000,000,000 | ---D | M] (MSC Device Support) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 15:59:04 | 000,000,000 | ---D | M] (MTP Device Support) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 15:59:04 | 000,000,000 | ---D | M] (QuickTime Playback) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/30 15:59:04 | 000,000,000 | ---D | M] (Windows Media Playback) -- C:\USERS\RYAN\APPDATA\ROAMING\SONGBIRD2\PROFILES\2AOSX44S.DEFAULT\EXTENSIONS\[email protected]
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/24 20:59:25 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files (x86)\mozilla firefox\plugins\nppopcaploader.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.938.0\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: PopCap Games Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppopcaploader.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Sexy Undo Close Tab = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.1.1_0\
CHR - Extension: YouTube = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: LastPass = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.80.2_0\
CHR - Extension: Similar Sites = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn\1.6.6_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ConduitHelper] C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe (Conduit Ltd.)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: link = [binary data]
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5393C967-C674-47B3-BF5E-24FC98098A83}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/12/12 22:15:27 | 000,053,248 | R--- | M] () - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [1999/01/18 20:30:20 | 000,010,454 | R--- | M] () - D:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2003/06/05 10:28:33 | 000,000,046 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7dae8175-e716-11e0-8148-f80f411bf498}\Shell - "" = AutoRun
O33 - MountPoints2\{eff8c04b-80a9-11e0-b813-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eff8c04b-80a9-11e0-b813-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Launch.exe -- [2001/11/13 14:48:53 | 000,126,976 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/09 12:13:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7CECAA7A-FD50-4ED6-9A48-CE7E464CFC19}
[2011/12/09 11:32:02 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{BBBD41FC-F2FC-47E2-9085-9BDCE6B30D13}
[2011/12/08 11:55:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A07B1D7C-0C48-4938-ABB4-CE66042CB159}
[2011/12/08 11:55:39 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{BDE0EAEF-8B06-416A-9F34-25D6F17F1CD3}
[2011/12/08 10:40:19 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{72126F0F-6CA3-439C-A019-6B04D6DD49EF}
[2011/12/07 23:45:43 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{652F2A75-3029-4B9A-84ED-7900CD47AFDA}
[2011/12/07 13:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/12/07 13:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/12/07 13:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/12/07 13:55:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/12/07 10:38:23 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\SCE
[2011/12/07 02:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Ride Games
[2011/12/07 02:04:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\APN
[2011/12/07 01:37:27 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{9B3546DB-9B6E-4F37-9AC0-86743B5A7BC5}
[2011/12/07 01:37:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A95652F0-7D36-4401-B8B5-2361BA4DBEC4}
[2011/12/06 13:43:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2011/12/06 13:43:58 | 000,125,376 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2011/12/06 13:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2011/12/06 13:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2011/12/06 13:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinMount
[2011/12/06 13:05:25 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\WinMount
[2011/12/06 13:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\WinMount
[2011/12/06 13:05:10 | 000,092,536 | ---- | C] (WinMount International Inc) -- C:\Windows\SysWow64\drivers\WMDrive.sys
[2011/12/06 12:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2011/12/05 22:44:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D6C77101-ECC4-49DE-B9B7-0152AD635623}
[2011/12/05 22:44:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{B11B6864-B06A-4ACD-929B-6BF17D54E32F}
[2011/12/05 19:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/12/05 19:02:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\SystemRequirementsLab
[2011/12/05 16:11:08 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Deployment
[2011/12/05 16:11:08 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Apps
[2011/12/05 16:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Easy
[2011/12/05 16:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2011/12/03 17:32:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\dll-files.com
[2011/12/03 17:32:46 | 000,352,256 | ---- | C] (Firelight Technologies Pty, Ltd) -- C:\Windows\SysWow64\fmod.dll
[2011/12/03 17:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2011/12/03 17:22:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahtzee Deluxe
[2011/12/03 17:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahtzee Deluxe
[2011/12/03 17:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2011/12/03 17:05:47 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Zylom
[2011/12/03 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Zylom Games
[2011/12/03 13:53:04 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2C2B46F6-B8AE-4E74-93A5-70DB62A32C16}
[2011/12/03 13:52:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{252275E6-84A4-4453-80D2-BBEA5C4C9D7C}
[2011/12/01 12:09:10 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{AAD80C78-74B0-4754-A48C-3F84CE4E3B0A}
[2011/12/01 12:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{992CBEC5-252A-471F-9797-F193AA0C769C}
[2011/12/01 11:59:00 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{94FC7D80-6D10-4E06-B5C7-5FBCD7B8C39F}
[2011/12/01 11:35:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{BB5E8E09-355E-4553-B216-1B37926593BA}
[2011/12/01 11:31:06 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/12/01 11:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/12/01 11:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter
[2011/11/30 18:06:10 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{5D86A4F6-0E56-4AF5-8AEA-2EE557179E5F}
[2011/11/30 17:23:13 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{FD5B4ADB-02D2-48EE-B0FC-29FB3246610D}
[2011/11/30 11:29:02 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{CC5D5C33-9CDA-4FAB-A228-B3B24280143E}
[2011/11/30 11:28:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{DA9A1DDE-E674-4475-834B-07150CF02CF7}
[2011/11/29 12:24:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{CDA7460E-AAAC-4F25-9C64-B78C101BE62C}
[2011/11/29 12:23:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{764EE4F3-7AE0-44A1-A0D2-6D0F86318962}
[2011/11/28 16:56:12 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2011/11/28 16:52:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan\jagexcache1
[2011/11/28 16:47:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\jagexcache
[2011/11/28 11:21:37 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2B1120E5-CAA9-4BED-ACD7-E825EEC6D0FF}
[2011/11/28 11:21:25 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A361FC95-6CCF-4C5D-AF50-9FD8866EF830}
[2011/11/27 13:38:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D44EED08-C78F-4626-A69D-1BE1ADC6825C}
[2011/11/27 13:38:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{8DB5F62F-3EA5-4620-B2CF-A50DBE88C8F4}
[2011/11/27 00:53:36 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{5C64F2A4-D835-4D5A-8979-346113D24D9C}
[2011/11/27 00:53:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3B402C46-2B47-405A-8A93-0CBC0ACE73DB}
[2011/11/26 00:14:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{AFB9DAB5-785A-4607-97F7-30CD477C3047}
[2011/11/26 00:13:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{86D812D4-AC93-44C5-A6FC-A06DB363258B}
[2011/11/24 22:24:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{68368392-2CA6-411B-9439-324CBD3BC98C}
[2011/11/24 22:24:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{E50E2E80-AC48-4797-9309-74DFA20101C4}
[2011/11/24 13:55:50 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{48222C59-1B37-49C6-9F0D-8AB1137A947B}
[2011/11/24 13:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3C5FB32C-B227-4782-B22A-B7F2E144B3E3}
[2011/11/24 13:39:29 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{0F763BC7-5526-4009-B6CC-26F590F3F82E}
[2011/11/24 13:38:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F2E37A69-FFCD-4E10-AC1A-F51B04EC4549}
[2011/11/23 20:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2D7CB676-F284-43C2-BCB5-F4FD60033539}
[2011/11/23 20:26:05 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{9FB12AF4-33AE-4415-9C3E-E26C3BBA4A18}
[2011/11/23 19:24:45 | 000,000,000 | ---D | C] -- C:\Microgaming
[2011/11/23 19:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
[2011/11/22 00:05:18 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7397633D-A816-4838-91CE-1EA6932D137D}
[2011/11/22 00:05:06 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2769EB7E-F924-4CC7-AD73-A7EDF624A9C6}
[2011/11/20 23:38:48 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/11/20 23:38:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/11/16 18:34:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/11/15 13:14:04 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\PeaZip
[2011/11/14 21:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riding Star
[2011/11/14 20:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Riding Star
[2011/11/14 20:58:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2011/11/14 20:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Equestriad 2001
[2011/11/14 20:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Equestriad 2001
[2011/11/13 20:26:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{AB39EFC0-5712-42A1-A749-8E12CAD03996}
[2011/11/13 20:26:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{40641CC6-CDF5-445D-BF13-98BDA2EDA423}
[2011/11/11 10:01:00 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C92A9EAB-04D1-4D46-9AA6-B5C2B9077180}
[2011/11/11 10:00:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{4B9F6D12-29EE-4CE0-A4C7-FC9A01666D83}
[2011/11/10 19:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/11/10 12:07:04 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6DAE3D2C-EF2E-4B17-B975-410F88295ADD}
[2011/11/10 12:06:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{E9FB3044-1009-400A-ACB2-B81EE7F92EF9}
[2011/11/10 10:28:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/10 10:28:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/11/10 10:28:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/09 16:45:49 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 16:45:49 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 16:11:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/12/09 15:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/09 15:10:03 | 000,000,024 | ---- | M] () -- C:\Users\Ryan\random.dat
[2011/12/09 14:56:17 | 000,000,043 | ---- | M] () -- C:\Users\Ryan\jagex_cl_runescape_LIVE.dat
[2011/12/09 14:51:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/08 09:35:16 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/08 09:35:16 | 000,628,024 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/08 09:35:16 | 000,110,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/08 09:30:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/08 09:30:41 | 3019,399,168 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/07 11:02:50 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/07 02:15:30 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2011/12/06 13:43:59 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2011/12/06 13:05:10 | 000,092,536 | ---- | M] (WinMount International Inc) -- C:\Windows\SysWow64\drivers\WMDrive.sys
[2011/12/05 16:10:42 | 000,000,815 | ---- | M] () -- C:\Users\Ryan\Desktop\Registry Easy.lnk
[2011/12/05 16:09:05 | 000,001,047 | ---- | M] () -- C:\Users\Ryan\Desktop\Yahtzee.exe - Shortcut.lnk
[2011/12/03 18:20:50 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\FixHelpmate.lie
[2011/12/03 13:42:43 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/12/02 10:11:14 | 000,543,528 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2011/12/02 10:11:13 | 000,685,192 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2011/12/02 10:11:13 | 000,258,736 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2011/11/28 18:02:10 | 000,000,044 | ---- | M] () -- C:\Users\Ryan\jagex_cl_runescape_LIVE1.dat
[2011/11/20 23:39:46 | 000,002,084 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/11/20 23:39:46 | 000,001,613 | ---- | M] () -- C:\Users\Ryan\Desktop\DivX Movies.lnk
[2011/11/20 23:39:19 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/11/19 12:29:48 | 000,001,158 | ---- | M] () -- C:\Windows\wininit.ini
[2011/11/16 18:34:56 | 000,002,312 | ---- | M] () -- C:\Users\Ryan\Desktop\Google Chrome.lnk
[2011/11/15 17:30:52 | 000,166,400 | ---- | M] () -- C:\Users\Ryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/14 22:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2011/11/14 21:00:47 | 000,002,519 | ---- | M] () -- C:\Users\Public\Desktop\Riding Star.lnk
[2011/11/13 20:26:28 | 000,082,946 | ---- | M] () -- C:\Users\Ryan\Documents\Sarnia Skating Schedule.pdf
[2011/11/11 16:25:00 | 000,000,093 | ---- | M] () -- C:\Windows\popcinfo.dat
[2011/11/10 19:48:29 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/07 11:02:40 | 000,413,312 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/07 10:43:25 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/12/07 02:15:30 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/12/06 13:43:59 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2011/12/05 16:10:42 | 000,000,815 | ---- | C] () -- C:\Users\Ryan\Desktop\Registry Easy.lnk
[2011/12/04 02:09:09 | 000,001,047 | ---- | C] () -- C:\Users\Ryan\Desktop\Yahtzee.exe - Shortcut.lnk
[2011/12/03 18:20:50 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\FixHelpmate.lie
[2011/11/28 16:52:22 | 000,000,044 | ---- | C] () -- C:\Users\Ryan\jagex_cl_runescape_LIVE1.dat
[2011/11/28 16:47:38 | 000,000,043 | ---- | C] () -- C:\Users\Ryan\jagex_cl_runescape_LIVE.dat
[2011/11/28 16:47:38 | 000,000,024 | ---- | C] () -- C:\Users\Ryan\random.dat
[2011/11/20 23:39:46 | 000,001,613 | ---- | C] () -- C:\Users\Ryan\Desktop\DivX Movies.lnk
[2011/11/20 23:39:19 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/11/20 23:38:55 | 000,002,084 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/11/16 18:34:56 | 000,002,312 | ---- | C] () -- C:\Users\Ryan\Desktop\Google Chrome.lnk
[2011/11/15 13:14:07 | 022,026,383 | ---- | C] () -- C:\Users\Ryan\Documents\Oblivion Game Guide.pdf
[2011/11/14 21:00:47 | 000,002,519 | ---- | C] () -- C:\Users\Public\Desktop\Riding Star.lnk
[2011/11/13 20:26:27 | 000,082,946 | ---- | C] () -- C:\Users\Ryan\Documents\Sarnia Skating Schedule.pdf
[2011/11/10 19:48:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/11/10 19:48:29 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/11/04 11:54:42 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2011/10/17 15:03:03 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/10/12 20:52:13 | 000,001,158 | ---- | C] () -- C:\Windows\wininit.ini
[2011/09/26 15:41:18 | 000,249,239 | ---- | C] () -- C:\ProgramData\1317068741.bdinstall.bin
[2011/09/25 19:11:26 | 000,000,093 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/09/24 23:45:12 | 000,000,239 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/09/17 21:09:32 | 000,166,400 | ---- | C] () -- C:\Users\Ryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/09/20 06:39:42 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Atari
[2011/09/26 15:32:55 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Bitdefender
[2011/09/16 08:55:34 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2011/11/06 23:40:33 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\DAEMON Tools Lite
[2011/12/06 13:35:48 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\DAEMON Tools Pro
[2011/12/03 17:32:55 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\dll-files.com
[2011/10/05 10:21:33 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Foxit Software
[2011/11/04 13:22:14 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Kalypso Media
[2011/09/20 06:39:02 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Leadertech
[2011/09/15 18:50:10 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Namco
[2011/09/16 07:24:45 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\National Instruments
[2011/09/15 18:08:54 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\OEM
[2011/11/15 13:14:06 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PeaZip
[2011/09/16 07:34:20 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Philipp Winterberg
[2011/10/26 14:36:49 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1000
[2011/10/26 14:55:30 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1001
[2011/10/26 14:53:00 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1002
[2011/10/26 14:21:10 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1003
[2011/10/26 14:56:00 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1004
[2011/10/26 17:05:10 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PopCapv1006
[2011/09/26 15:26:08 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\QuickScan
[2011/09/17 21:08:27 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Research In Motion
[2011/10/30 15:57:34 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Songbird2
[2011/10/26 14:55:06 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\SpinTop Games
[2011/12/05 19:02:47 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\SystemRequirementsLab
[2011/12/09 16:28:55 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\uTorrent
[2011/09/25 18:16:00 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\ValuSoft
[2011/09/20 18:46:28 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Windows Live Writer
[2011/12/06 13:08:11 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\WinMount
[2011/12/03 17:13:57 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Zylom
[2009/07/14 00:08:49 | 000,029,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:1663E41B
@Alternate Data Stream - 16 bytes -> C:\Users\Ryan\Desktop\Google Chrome.lnk:BDU
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:7C60A173

< End of report >



#2
Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Welcome to GeeksToGo RyanMcDonald,

Rundll32 usually suggests some display or panel, such as what shows when you right-click a Taskbar icon and open its display. I see a Conduit folder, which is adware/spyware/search hijacking software, but nothing that suggests it is currently installed. Also the log shows you have a McAfee remnant active, so let's address that for now, then check things behind what OTL might show to be sure.


The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And to make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types".



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right-clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Go here and follow the steps under:

Step 2 - Download and run MCPR.exe

Be sure to reboot after running that.

-------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

Note - If Gmer shows it has located infection once its opening scan completes, do not click the Scan button. We don't want hidden malware settings to cause any problems. Instead, just click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Decline a download of avast itself if offered
  • If avast! antivirus is already installed, go to the dropdown next to AV engine: and select (none)
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
