Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer freezes. Odd Solution Center pop-up on starting. crss.exe and

Started by Nikki2012 , May 25 2012 07:34 PM

  • Please log in to reply

#1
Nikki2012
Posted 25 May 2012 - 07:34 PM

Nikki2012

    New Member

  • Member
  • Pip
  • 6 posts
My computer has frequently been freezing when I am doing something simple like surfing webpages or watching videos on vlc. It freezes one program at a time (msn always seems to be last) and task manager (or anything else) will not open once this starts. I have a lot of problems using my cd drive. If there is anything in there on start-up it freezes immediately. When I start my computer up (and log-in) there is a pop-up that says solution center and it kind of scans across the screen and then it will pop up and say that it is not working and I need to insert a cd-rom. When I close it another pop-up about closing it comes up (basically asking if I am sure.) I have noticed that crss.exe and ati2vxx.exe are constantly running since this started and if they were running that much before I have never noticed.

Here is my OTL log:

OTL logfile created on: 5/25/2012 10:57:20 PM - Run 5
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Nikki\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.23% Memory free
6.19 Gb Paging File | 5.15 Gb Available in Paging File | 83.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 98.15 Gb Free Space | 42.15% Space Free | Partition Type: NTFS
Drive D: | 2.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: NIKKI-PC | User Name: Nikki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/25 22:56:39 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Downloads\OTL.exe
PRC - [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/01/03 10:40:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/04/05 17:46:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:22:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:03:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 16:34:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/03/03 03:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/01/31 23:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 18:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/06 03:04:20 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/05/02 10:14:44 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/07 04:37:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2012/02/07 04:37:40 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2012/02/07 04:32:42 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2012/02/07 04:32:32 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/12/10 18:05:52 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/11/17 08:29:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/24 16:09:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/06 03:04:22 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/02 10:14:45 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/03 10:40:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/02/26 03:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/03/03 03:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/03/04 02:06:38 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\44022633.sys -- (44022633)
DRV - [2010/04/15 14:36:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:03:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/19 18:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 08:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2008/12/10 19:30:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 08:29:08 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/02 10:14:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/02/05 01:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikki\AppData\Roaming\Mozilla\Extensions
[2012/05/02 01:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\extensions
[2012/02/12 16:24:00 | 000,012,703 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\searchplugins\imdb.xml
[2012/02/06 02:20:10 | 000,002,057 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\searchplugins\youtube-video-search.xml
[2012/03/18 00:04:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/14 03:35:13 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\NIKKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\EXTENSIONS\[email protected]
[2012/05/02 10:14:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 11:06:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 11:06:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/04/17 13:13:40 | 000,001,794 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_44022633.lnk = C:\Users\Nikki\AppData\Local\Temp\_uninst_44022633.bat ()
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69CC0513-0734-4C21-8E96-E8FD5B881585}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nikki\Downloads\aa7ea_1071898.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nikki\Downloads\aa7ea_1071898.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 19:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/03/27 20:17:10 | 000,000,036 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{133b577e-50cc-11e1-8ccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{133b577e-50cc-11e1-8ccd-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2012/03/27 20:18:38 | 000,044,576 | R--- | M] (Her Interactive, Inc.)
O33 - MountPoints2\{666d8bd9-4fcb-11e1-82d4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{666d8bd9-4fcb-11e1-82d4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\install.EXE id= ver=1.0.0.0
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/25 01:29:44 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\Tomb of the Lost Queen
[2012/05/25 01:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nancy Drew Prerequisites
[2012/05/25 01:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew
[2012/05/25 01:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Nancy Drew
[2012/05/17 21:46:50 | 000,000,000 | R--D | C] -- C:\Users\Nikki\Videos
[2012/05/12 01:47:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/05/04 14:11:07 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
[2012/05/02 10:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/02 10:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/27 11:48:42 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2012/04/27 11:47:45 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Deployment
[2012/04/26 13:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/04/26 02:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/04/26 02:01:29 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Desktop\What the...
[2012/04/26 01:13:51 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Desktop\World of Warcraft

========== Files - Modified Within 30 Days ==========

[2012/05/25 22:51:22 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/25 22:51:22 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/25 22:51:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/25 22:51:11 | 3217,416,192 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/25 22:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/25 01:29:32 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Play Tomb of the Lost Queen.lnk
[2012/05/24 23:58:44 | 000,089,088 | ---- | M] () -- C:\Users\Nikki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/24 16:08:39 | 000,000,680 | ---- | M] () -- C:\Users\Nikki\AppData\Local\d3d9caps.dat
[2012/05/22 22:13:14 | 000,609,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/22 22:13:14 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/04 14:11:41 | 000,000,796 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/04 14:11:41 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/05/04 14:11:10 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
[2012/04/27 11:48:59 | 000,000,000 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2012/04/27 11:48:42 | 000,000,312 | ---- | M] () -- C:\Users\Nikki\Desktop\Curse Client.appref-ms
[2012/04/26 03:02:36 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

========== Files Created - No Company Name ==========

[2012/05/25 01:29:32 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Play Tomb of the Lost Queen.lnk
[2012/05/04 14:11:41 | 000,000,796 | ---- | C] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/04 14:11:41 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/04/27 11:48:59 | 000,000,000 | ---- | C] () -- C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2012/04/27 11:48:42 | 000,000,312 | ---- | C] () -- C:\Users\Nikki\Desktop\Curse Client.appref-ms
[2012/04/26 03:02:35 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/26 01:13:58 | 000,000,589 | ---- | C] () -- C:\Users\Nikki\Desktop\Launcher - Shortcut.lnk
[2012/04/17 21:46:23 | 000,000,132 | ---- | C] () -- C:\Users\Nikki\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/23 00:06:58 | 000,137,623 | ---- | C] () -- C:\Windows\HPHins15.dat
[2012/02/06 03:18:00 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/06 03:18:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/05 03:36:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/05 01:34:21 | 000,089,088 | ---- | C] () -- C:\Users\Nikki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/05 01:23:53 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012/02/05 01:23:47 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2012/02/05 01:23:44 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2012/02/05 01:01:00 | 000,000,680 | ---- | C] () -- C:\Users\Nikki\AppData\Local\d3d9caps.dat
[2011/04/26 20:56:34 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/04/26 20:56:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/04/26 20:56:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/04/26 20:56:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/04/26 20:56:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe

========== LOP Check ==========

[2012/05/25 22:52:00 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\BitTorrent
[2012/02/06 15:39:18 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/21 19:13:45 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Elluminate
[2012/05/13 01:40:29 | 000,027,806 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Crowbar
Posted 31 May 2012 - 05:50 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello USER and welcome to Geeks To Go !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them.
You get an advantage as you have 2 people examining your issue.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

Sorry about the delay with your topic, Are you still having problems?
If so, please do the following:

Step 1
Since it's been over 5 days, I need to see a fresh set of logs, please delete your copy of OTL and
Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
C:\Windows\assembly\tmp\U\*.* /s
C:\Program Files\Common Files\ComObjects\*.* /s
C:\windows\*. /RP /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs in your next response

Step 2
Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it
Posted Image

Click the [Scan] button to start scan
Posted Image

On completion of the scan click [Save log], save it to your desktop and post in your next reply

In your next reply I would like to see:
  • new OTL log
  • Your original Extras.txt log (it will be located in C:\Users\Nikki\Downloads)
  • aswMBR log

  • 0

#3
Essexboy
Posted 04 June 2012 - 05:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#4
Crowbar
Posted 10 June 2012 - 05:15 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello Nikki2012,
Please follow the instructions in post #2 and post the logs for me to review.
  • 0

#5
Nikki2012
Posted 10 June 2012 - 06:45 AM

Nikki2012

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
OTL logfile created on: 6/9/2012 10:55:43 PM - Run 6
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Nikki\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 62.62% Memory free
6.19 Gb Paging File | 5.11 Gb Available in Paging File | 82.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 58.03 Gb Free Space | 24.92% Space Free | Partition Type: NTFS

Computer Name: NIKKI-PC | User Name: Nikki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/09 22:53:40 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Downloads\OTL(1).exe
PRC - [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/04/09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/01/03 10:40:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/04/05 17:46:08 | 000,288,040 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010/03/23 14:22:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/02/26 03:03:00 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2010/02/26 03:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe
PRC - [2010/02/17 16:34:40 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/03/03 03:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe
PRC - [2009/01/31 23:43:30 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/05/07 18:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/02 10:14:44 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/02/07 04:37:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2012/02/07 04:37:44 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2012/02/07 04:37:40 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2012/02/07 04:37:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2012/02/07 04:34:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2012/02/07 04:33:52 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2012/02/07 04:33:43 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2012/02/07 04:32:42 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2012/02/07 04:32:32 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2012/02/05 01:15:13 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3266.29383__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:13 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3266.29368__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:13 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3266.29384__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3266.29380__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3266.29375__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:12 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3266.29459__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:12 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3266.29460__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:12 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3266.29438__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:12 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3266.29374__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:12 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3266.29418__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:12 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3266.29405__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:11 | 000,344,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3266.29424__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:11 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3266.29459__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:11 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3266.29424__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3266.29423__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:10 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3266.29458__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:08 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3266.29408__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:08 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3266.29433__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:08 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3266.29407__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:07 | 000,716,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3266.29376__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:07 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3266.29385__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:07 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3266.29417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:07 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3266.29388__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2012/02/05 01:15:07 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3266.29385__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:07 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3266.29416__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3266.29388__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:07 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3266.29415__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:07 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3266.29417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:06 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3266.29406__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/02/05 01:15:06 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3266.29406__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:06 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3266.29407__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/02/05 01:15:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/02/05 01:15:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/02/05 01:15:06 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/02/05 01:15:06 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/02/05 01:15:06 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/02/05 01:15:06 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/02/05 01:15:05 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/02/05 01:15:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/02/05 01:15:04 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/02/05 01:15:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/02/05 01:15:03 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/02/05 01:15:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/02/05 01:15:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/02/05 01:15:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/02/05 01:15:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/02/05 01:15:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/02/05 01:15:02 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/02/05 01:15:02 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/02/05 01:15:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/02/05 01:15:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/02/05 01:15:01 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/02/05 01:15:01 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2012/02/05 01:15:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/02/05 01:15:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/02/05 01:14:59 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3266.29453__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/02/05 01:14:59 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3266.29468__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/02/05 01:14:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/02/05 01:14:59 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/02/05 01:14:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/02/05 01:14:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/02/05 01:14:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/02/05 01:14:59 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/02/05 01:14:59 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/02/05 01:14:59 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3266.29476__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/02/05 01:14:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3266.29366__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/02/05 01:14:58 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3266.29451__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/02/05 01:14:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/02/05 01:14:57 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3266.29379__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/02/05 01:14:57 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/02/05 01:14:56 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3266.29366__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/02/05 01:14:56 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3266.29368__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/02/05 01:14:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/02/05 01:14:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/02/05 01:14:52 | 001,073,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3266.29372__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/02/05 01:14:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/02/05 01:14:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/02/05 01:14:51 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3266.29367__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/02/05 01:14:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/02/05 01:14:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3266.29452__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/02/05 01:14:50 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3266.29365__90ba9c70f846762e\APM.Server.dll
MOD - [2012/02/05 01:14:50 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3266.29366__90ba9c70f846762e\AEM.Server.dll
MOD - [2012/01/09 20:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/12/10 18:05:52 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/11/17 08:29:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/24 16:09:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/06 03:04:22 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/02 10:14:45 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/03 10:40:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/02/26 03:03:00 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\stacsv.exe -- (STacSV)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/03/03 03:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_0145da1d\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/20 23:53:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/03/04 02:06:38 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\44022633.sys -- (44022633)
DRV - [2010/04/15 14:36:40 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010/02/26 03:03:00 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/19 18:02:00 | 000,271,552 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2009/03/06 08:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2008/12/10 19:30:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 08:29:08 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3710531815-1547149420-105203629-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3710531815-1547149420-105203629-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3710531815-1547149420-105203629-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-3710531815-1547149420-105203629-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/02 10:14:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/02/05 01:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikki\AppData\Roaming\Mozilla\Extensions
[2012/05/02 01:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\extensions
[2012/02/12 16:24:00 | 000,012,703 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\searchplugins\imdb.xml
[2012/02/06 02:20:10 | 000,002,057 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\Mozilla\Firefox\Profiles\fghh76ve.default\searchplugins\youtube-video-search.xml
[2012/05/27 04:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/27 04:44:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/02/14 03:35:13 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\NIKKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\EXTENSIONS\[email protected]
[2012/05/02 10:14:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/29 11:06:35 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 11:06:35 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/04/17 13:13:40 | 000,001,794 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3710531815-1547149420-105203629-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3710531815-1547149420-105203629-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3710531815-1547149420-105203629-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_44022633.lnk = C:\Users\Nikki\AppData\Local\Temp\_uninst_44022633.bat ()
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69CC0513-0734-4C21-8E96-E8FD5B881585}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nikki\Downloads\aa7ea_1071898.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nikki\Downloads\aa7ea_1071898.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 19:13:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{133b577e-50cc-11e1-8ccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{133b577e-50cc-11e1-8ccd-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{666d8bd9-4fcb-11e1-82d4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{666d8bd9-4fcb-11e1-82d4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\install.EXE id= ver=1.0.0.0
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/27 04:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/05/27 04:43:45 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Skype
[2012/05/27 04:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/05/27 04:43:35 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/05/27 04:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/05/27 04:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/05/25 01:29:44 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\Tomb of the Lost Queen
[2012/05/25 01:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nancy Drew Prerequisites
[2012/05/25 01:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew
[2012/05/25 01:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Nancy Drew
[2012/05/17 21:46:50 | 000,000,000 | R--D | C] -- C:\Users\Nikki\Videos
[2012/05/12 01:47:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders

========== Files - Modified Within 30 Days ==========

[2012/06/09 22:54:12 | 000,002,339 | ---- | M] () -- C:\Users\Nikki\Documents\Document.rtf
[2012/06/09 22:46:31 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 22:46:30 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/09 22:46:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/09 22:46:20 | 3215,335,424 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/09 21:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/03 23:47:23 | 000,112,128 | ---- | M] () -- C:\Users\Nikki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/31 23:34:25 | 000,609,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/31 23:34:25 | 000,106,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/27 04:43:36 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/05/25 01:29:32 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Play Tomb of the Lost Queen.lnk
[2012/05/24 16:08:39 | 000,000,680 | ---- | M] () -- C:\Users\Nikki\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2012/06/09 22:54:12 | 000,002,339 | ---- | C] () -- C:\Users\Nikki\Documents\Document.rtf
[2012/05/27 04:43:36 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/05/25 01:29:32 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Play Tomb of the Lost Queen.lnk
[2012/04/17 21:46:23 | 000,000,132 | ---- | C] () -- C:\Users\Nikki\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/23 00:06:58 | 000,137,623 | ---- | C] () -- C:\Windows\HPHins15.dat
[2012/02/06 03:18:00 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/06 03:18:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/05 03:36:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/05 01:34:21 | 000,112,128 | ---- | C] () -- C:\Users\Nikki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/05 01:23:53 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012/02/05 01:23:47 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2012/02/05 01:23:44 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2012/02/05 01:01:00 | 000,000,680 | ---- | C] () -- C:\Users\Nikki\AppData\Local\d3d9caps.dat
[2011/04/26 20:56:34 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011/04/26 20:56:34 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/04/26 20:56:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011/04/26 20:56:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011/04/26 20:56:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe

========== LOP Check ==========

[2012/06/09 22:52:03 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\BitTorrent
[2012/02/06 15:39:18 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/21 19:13:45 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Elluminate
[2012/05/30 22:25:55 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 03:50:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 03:59:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 01:29:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 03:57:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 23:45:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 23:54:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 23:53:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 23:53:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 23:54:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 23:54:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 03:58:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 23:54:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 23:54:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = NETBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2008/01/20 23:54:59 | 000,184,320 | ---- | M] (Microsoft Corporation)
"Description" = This service implements NetBios over TCP/IP.
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{69CC0513-0734-4C21-8E96-E8FD5B881585}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2008/01/20 23:54:20 | 000,035,840 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 01 01 00 01 03 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 3
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2006/11/02 07:16:14 | 000,011,264 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/21 12:32:30 | 000,634,648 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/05/02 10:14:42 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/05/02 10:14:45 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 23:54:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/21 12:32:30 | 000,634,648 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.0.6001
Copyright © 1999-2007 Microsoft Corporation.
On computer: NIKKI-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 C NTFS Partition 233 GB Healthy System

< End of report >



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-09 23:12:43
-----------------------------
23:12:43.988 OS Version: Windows 6.0.6001 Service Pack 1
23:12:43.989 Number of processors: 2 586 0x170A
23:12:43.989 ComputerName: NIKKI-PC UserName: Nikki
23:12:45.044 Initialize success
23:13:21.435 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:13:21.437 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 238475MB BusType: 3
23:13:21.490 Disk 0 MBR read successfully
23:13:21.492 Disk 0 MBR scan
23:13:21.494 Disk 0 Windows VISTA default MBR code
23:13:21.504 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238473 MB offset 2048
23:13:21.508 Disk 0 scanning sectors +488394752
23:13:21.578 Disk 0 scanning C:\Windows\system32\drivers
23:13:30.546 Service scanning
23:13:43.843 Service MpKsl9cba7cf6 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02A815D3-779F-4921-941F-28F4B93691F0}\MpKsl9cba7cf6.sys **LOCKED** 32
23:14:02.041 Modules scanning
23:14:18.029 Scan finished successfully
23:15:50.964 Disk 0 MBR has been saved successfully to "C:\Users\Nikki\Desktop\MBR.dat"
23:15:50.995 The log file has been saved successfully to "C:\Users\Nikki\Desktop\aswMBR.txt"




The extras file did not appear when I ran OTL. I even did a search of my computer for it.
  • 0

#6
Crowbar
Posted 11 June 2012 - 10:06 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello Nikki2012,

I am not seeing any malware in your logs, but I would like to run another scan to look at another part of your system

Step 1
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


In your next reply I would like to see:
  • Result.txt

  • 0

#7
Nikki2012
Posted 12 June 2012 - 09:25 AM

Nikki2012

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
MiniToolBox by Farbar Version: 09-06-2012
Ran by Nikki (administrator) on 12-06-2012 at 12:52:35
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 hl2rcv.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Nikki-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : phub.net.cable.rogers.com

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-25-56-31-A7-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9864:b6ea:5a15:371b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 09, 2012 10:46:29 PM
Lease Expires . . . . . . . . . . : Monday, June 18, 2012 2:45:05 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : phub.net.cable.rogers.com
Description . . . . . . . . . . . : isatap.phub.net.cable.rogers.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:38e6:9f9:518b:e446(Preferred)
Link-local IPv6 Address . . . . . : fe80::38e6:9f9:518b:e446%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: phub.net.cable.rogers.com
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400b:801::1000
74.125.226.6
74.125.226.9
74.125.226.1
74.125.226.0
74.125.226.2
74.125.226.8
74.125.226.7
74.125.226.14
74.125.226.3
74.125.226.5
74.125.226.4



Pinging google.com [74.125.226.4] with 32 bytes of data:

Reply from 74.125.226.4: bytes=32 time=57ms TTL=55

Reply from 74.125.226.4: bytes=32 time=57ms TTL=55



Ping statistics for 74.125.226.4:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 57ms, Maximum = 57ms, Average = 57ms

Server: phub.net.cable.rogers.com
Address: 192.168.0.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.183.24
72.30.38.140



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=88ms TTL=52

Reply from 209.191.122.70: bytes=32 time=284ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 88ms, Maximum = 284ms, Average = 186ms

Server: phub.net.cable.rogers.com
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 25 56 31 a7 d8 ...... Dell Wireless 1397 WLAN Mini-Card
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.phub.net.cable.rogers.com
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.11 281
192.168.0.11 255.255.255.255 On-link 192.168.0.11 281
192.168.0.255 255.255.255.255 On-link 192.168.0.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.11 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 18 ::/0 On-link
1 306 ::1/128 On-link
11 18 2001::/32 On-link
11 266 2001:0:4137:9e76:38e6:9f9:518b:e446/128
On-link
10 281 fe80::/64 On-link
11 266 fe80::/64 On-link
11 266 fe80::38e6:9f9:518b:e446/128
On-link
10 281 fe80::9864:b6ea:5a15:371b/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/11/2012 11:52:00 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 7.0.6001.18639 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 12fc
Start Time: 01cd48415e100250
Termination Time: 15

Error: (06/11/2012 02:02:25 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:25 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:19 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:19 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:17 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:17 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:16 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:16 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\6> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (06/11/2012 02:02:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\NIKKI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FGHH76VE.DEFAULT\CACHE\5> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (06/09/2012 10:52:29 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (06/09/2012 10:48:07 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (06/09/2012 10:46:27 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (06/09/2012 10:46:24 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:28:23 PM on 6/9/2012 was unexpected.

Error: (06/09/2012 10:26:54 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (06/09/2012 10:22:13 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (06/09/2012 10:20:34 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (06/09/2012 10:20:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:59:55 PM on 6/9/2012 was unexpected.

Error: (06/09/2012 07:59:47 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (06/09/2012 07:55:47 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.704.0)
BitTorrent (Version: 7.6.1)
Blocks That Matter
Bonjour (Version: 3.0.0.10)
Braid
BufferChm (Version: 90.0.146.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full Existing (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Full New (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Light (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Previews Common (Version: 2008.1210.1623.29379)
Catalyst Control Center Graphics Previews Vista (Version: 2008.1210.1623.29379)
Catalyst Control Center InstallProxy (Version: 2008.1210.1623.29379)
ccc-core-static (Version: 2008.1210.1623.29379)
ccc-utility (Version: 2008.1210.1623.29379)
CCC Help English (Version: 2008.1210.1622.29379)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Cogs
Crayon Physics Deluxe
Curse Client (Version: 4.0.1.260)
CustomerResearchQFolder (Version: 1.00.0000)
D2400 (Version: 90.0.200.000)
D2400_Help (Version: 90.0.200.000)
Dell Resource CD (Version: 1.00.0000)
Dell Touchpad (Version: 7.1007.115.102)
Dell Wireless WLAN Card Utility (Version: 5.10.38.30)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
dj_sf_ProductContext (Version: 90.0.200.000)
dj_sf_software (Version: 90.0.200.000)
dj_sf_software_req (Version: 90.0.200.000)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Deskjet Printer Driver Software 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Update (Version: 4.000.006.002)
HPSSupply (Version: 2.2.0.0000)
IceChat 7.70 (Build 20101031) (Version: 7.70)
IDT Audio (Version: 1.0.6272.0)
Integrated Webcam Driver (1.02.01.0320) (Version: 1.02.01.0320)
Intel® Matrix Storage Manager
InterActual Player
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
MarketResearch (Version: 90.0.146.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 14.0.1468.721)
Nancy Drew: Tomb of the Lost Queen (Version: 8.0.0.30162)
Osmos
PanoStandAlone (Version: 90.0.146.000)
PDF Settings CS5 (Version: 10.0)
Plants vs. Zombies: Game of the Year
PSSWCORE (Version: 2.01.0000)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20113)
Skins (Version: 2008.1210.1623.29379)
Skype Click to Call (Version: 5.11.9874)
Skype™ 5.9 (Version: 5.9.115)
Status (Version: 90.0.146.000)
Steam (Version: 1.0.0.0)
Super Meat Boy
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
Trine
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 90.0.146.000)
VLC media player 1.1.11 (Version: 1.1.11)
VVVVVV
Warnings at Waverly Academy Trailer
WebReg (Version: 90.0.146.000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
World of Goo

========================= Devices: ================================

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3067.64 MB
Available physical RAM: 1952.3 MB
Total Pagefile: 6353.56 MB
Available Pagefile: 5116.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:53.29 GB) NTFS

========================= Users: ========================================

User accounts for \\NIKKI-PC

Administrator Guest Nikki

========================= Minidump Files ==================================


**** End of log ****
  • 0

#8
Crowbar
Posted 18 June 2012 - 10:06 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello Nikki2012,
Sorry about the delay, I somehow missed the notification that you answered my post.
Step 1
You are behind one service pack for Windows Vista, Service Pack 2 is available and you are at Service Pack 1, so I would like you to upgrade to SP2.
Please go here and download then install Service Pack 2

Step 2
Please make sure you have Windows Update turned on-
  • Open Windows Update by clicking the Start button Picture of the Start button, clicking All Programs, and then clicking Windows Update.
  • In the left pane, click Change settings
  • Under Important updates, please make sure that "Install updatea automatically (recommended)" is selected tjem.

Step 3
I see that you have 2 problem devices, can you please tell me make and model number of your computer so I can find the right drivers and fix those problem devices.
  • 0

#9
Nikki2012
Posted 18 June 2012 - 10:17 AM

Nikki2012

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks, I have been trying to update my service pack but my computer tends to freeze up while I am doing it.
I have a Dell Inspiron 1545
  • 0

#10
Crowbar
Posted 18 June 2012 - 11:49 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Are you sure it's freezing? The SP update can take a while to complete.

I would like to take a deeper look at your event logs:

  • Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  • Double-click VEW.exe
  • Under 'Select log to query', select:
  • Application
  • System
Under 'Select type to list', select:
  • Error
  • Information

Click the radio button for 'Date of events'
  • In the From: boxes type 12 06 2012
    In the To: boxes type 18 06 2012
    Then click the Run button.
    Notepad will open with the output log.
Please post the Output log in your next reply

In the meantime I will be looking up your driver info.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP