Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

2 days ago, computer went completely unstable and is running a few unk


  • Please log in to reply

#1
th1nker

th1nker

    Member

  • Member
  • PipPip
  • 38 posts
Description:

So this is my sister's work computer, but I've been tasked with fixing it for her. The issue started a few days ago while she was running photoshop. The computer would freeze to the point that the task manager couldn't even start, and would remain nonreactive until reboot. Upon reboot, the photoshop file that was being worked on would be completely corrupt, as would any copy of it that she made for back-up. This trashed several of my sister's files which obviously isn't good for an illustrator. Aside from crashing during photoshop, it crashes basically any time she would try to multitask. In any case, when my computer seemed to be completely and utterly on the fritz, you guys came through and helped me fix it in less than two hours. For that, I thank you, and I hope that you can help me again :) OTL log at the bottom of this post.

I noticed a few unrecognized processes running. One was alarmclock.exe which seemed to be related to gigabyte after research, the other was related to AMD (external events utility). I assumed that the files were infected by something. I attempted a fix which I described below, but that might have messed things up a bit more than before. Now, the computer is running but it is too unstable to work on anything for prolonged periods. It can barely handle browsing the internet and seems to freeze or blue screen abruptly. It even froze while I was creating this thread.

This is definitely not related to the computer being underspec'd because the thing is running an i7 2600k, 16gb ram, a recent/modern gpu, and has been a beast at running any program until a few days ago.

Attempted fix:

After some research, it looked like other people were having similar problems and solved them by going into computer > manage > services > and disabling the amd external events utility. That got rid of one of the unknown processes (I don't recall the .exe name atm) but didn't fix the stability. I wasn't able to find out anything about alarmclock.exe except that other people who saw it in the task manager also had similar problems to mine. I wasn't able to disable it or end task it. Next, I ran malware bytes, MSI, and ccleaner. The first two found nothing. I ran a registry fix using ccleaner because I thought the registry might have been damaged. It found roughly 100+ errors and fixed them, so the computer is much more stable but still crashes very often. I'm not sure how much of this is my fault, but hopefully I didn't do too much damage.



OTL Log:

OTL logfile created on: 4/5/2013 7:35:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izabella\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.74 Gb Available Physical Memory | 86.33% Memory free
31.84 Gb Paging File | 29.38 Gb Available in Paging File | 92.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 35.25 Gb Free Space | 29.58% Space Free | Partition Type: NTFS
Drive X: | 931.51 Gb Total Space | 818.57 Gb Free Space | 87.88% Space Free | Partition Type: NTFS

Computer Name: WINTOSH-PRO | User Name: Izabella | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/05 19:35:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izabella\Desktop\OTL.exe
PRC - [2013/04/03 12:49:45 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/03/16 15:53:44 | 000,035,008 | ---- | M] (Starfield Technologies) -- C:\Users\Izabella\AppData\Local\Workspace\workspaceupdate.exe
PRC - [2013/03/12 22:02:23 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/06 04:59:12 | 002,569,168 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2013/02/28 15:15:34 | 001,183,456 | ---- | M] (Starfield Technologies) -- C:\Program Files (x86)\Workspace\offSyncService.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/04/30 01:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/12 14:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/06/22 03:48:30 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe
PRC - [2010/04/22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2009/05/21 19:09:04 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe
PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/03 12:49:39 | 003,143,576 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/03/12 22:02:22 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/06 04:59:12 | 002,569,168 | ---- | M] () -- C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2013/03/06 04:57:59 | 002,232,272 | ---- | M] () -- c:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2013/02/19 01:11:00 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/10 10:07:17 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4cae4b1b6c8423f80d1f86eae7fd8203\IAStorUtil.ni.dll
MOD - [2013/01/10 10:07:17 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6fd278018f0cf369362fc810f8aefcb5\IAStorCommon.ni.dll
MOD - [2013/01/10 10:04:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 10:03:57 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 10:03:50 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/10 10:03:47 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 10:03:45 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 10:03:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 10:03:42 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/06/22 03:48:30 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe
MOD - [2010/06/22 03:48:30 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/12/19 15:56:00 | 000,240,640 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2011/03/17 19:03:44 | 000,552,832 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2010/11/30 14:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010/04/06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2010/03/08 20:47:06 | 006,245,744 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/03 12:49:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/12 22:02:23 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 04:59:12 | 002,569,168 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013/02/28 15:15:34 | 001,183,456 | ---- | M] (Starfield Technologies) [Auto | Running] -- C:\Program Files (x86)\Workspace\offSyncService.exe -- (File Backup)
SRV - [2013/01/18 13:27:32 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 19:09:04 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe -- (ASWLCCSvc)
SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/19 16:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 15:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 07:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/21 21:30:04 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/14 05:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/07 05:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/03/07 05:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/01/15 12:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/13 07:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/02/12 21:42:28 | 001,104,672 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2010/01/24 19:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/10/28 14:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50.sys -- (PCASp50)
DRV:64bit: - [2009/09/21 19:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/04/09 14:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV:64bit: - [2007/02/16 15:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2013/04/05 18:59:53 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009/10/28 14:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PCASp50.sys -- (PCASp50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2801948

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...00014dae9b09bd0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylo...00014dae9b09bd0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2801948
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 B2 78 65 0F C6 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00014dae9b09bd0
IE - HKCU\..\SearchScopes\{3B4970A3-98D3-4726-A793-75830D35DEA5}: "URL" = http://websearch.ask...FA-A0CCD1328A26
IE - HKCU\..\SearchScopes\{3C3AD6AF-32B1-435A-B0F6-EE08E7D819F2}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{3D8A4D33-D13C-4a4f-8F7A-0AF57E301E00}: "URL" = http://search.yahoo....evm&type=IEBDSV
IE - HKCU\..\SearchScopes\{A63AEAE4-2798-4772-BBBB-EB953FD3BD2D}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2801948
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8kQ4D1a8&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off: C:\Users\Izabella\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off64: C:\Users\Izabella\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe: C:\Users\Izabella\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe64: C:\Users\Izabella\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Izabella\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Izabella\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Izabella\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izabella\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izabella\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/17 00:46:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/03 12:49:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/17 16:07:37 | 000,000,000 | ---D | M]

[2013/03/16 15:54:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Extensions
[2012/05/27 17:03:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/03/04 00:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions
[2013/02/19 01:24:23 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2013/02/18 21:29:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2013/01/04 01:39:14 | 000,000,000 | ---D | M] (Reddit Enhancement Suite) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\[email protected]
[2013/03/04 00:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\staged
[2013/01/04 01:39:10 | 000,423,679 | ---- | M] () (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\[email protected]
[2013/03/04 00:39:06 | 000,872,587 | ---- | M] () (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/02/18 21:29:25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/08 02:27:05 | 000,002,343 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\askcom.xml
[2012/09/19 16:37:46 | 000,002,223 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\BabylonMngr.xml
[2012/05/30 08:46:12 | 000,000,915 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\conduit.xml
[2012/02/23 17:00:35 | 000,002,203 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\MyStart Search.xml
[2012/05/30 15:11:05 | 000,002,057 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\youtube-video-search.xml
[2012/09/07 17:41:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/17 00:46:10 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/04/03 12:49:45 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/19 16:37:40 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/30 02:20:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/19 17:15:18 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2013/03/04 04:05:02 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.co...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.babylo...00014dae9b09bd0
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Izabella\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Izabella\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Izabella\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Izabella\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Yulia Brodskaya = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko\2_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: BrowserProtect = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_1\
CHR - Extension: Gmail = C:\Users\Izabella\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/01/27 16:00:57 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Artisan 730(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Users\Izabella\AppData\Local\Temp\E_S9CC.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [EPSON Artisan 730 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /FU "C:\Users\Izabella\AppData\Local\Temp\E_S99D.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\CustoPackTools\utils\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Starfield Updater] C:\Users\Izabella\AppData\Local\Workspace\WorkspaceUpdate.exe (Starfield Technologies)
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{655CB665-AB99-4C80-8364-D606EEBA4014}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261125~1.80\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.6.1125.80\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/31 20:45:44 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/05 19:34:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Izabella\Desktop\OTL.exe
[2013/04/04 16:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2013/04/04 16:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2013/04/04 00:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/04/04 00:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/04/04 00:01:17 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/04/04 00:01:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/03/24 00:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/24 00:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/24 00:30:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/17 11:43:17 | 000,000,000 | ---D | C] -- C:\Users\Izabella\AppData\Local\offsync
[2013/03/16 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\Izabella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Workspace
[2013/03/16 15:55:04 | 000,000,000 | ---D | C] -- X:\Izabella\Workspace Logs
[2013/03/16 15:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Workspace
[2013/03/16 15:53:41 | 000,000,000 | ---D | C] -- C:\Users\Izabella\AppData\Local\Workspace
[2013/03/12 13:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/03/12 13:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Plugins
[2013/03/12 13:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunesHelper.Resources
[2013/03/12 13:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes.Resources
[2013/03/12 13:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/03/12 13:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/03/12 13:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\CD Configuration
[2013/03/12 13:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/02/20 13:16:00 | 000,112,968 | ---- | C] (Apple Inc.) -- C:\Program Files\ITDetector.ocx
[2013/02/20 12:35:30 | 000,293,192 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesOutlookAddIn.dll
[2013/02/20 12:35:28 | 000,152,392 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesHelper.exe
[2013/02/20 12:35:26 | 000,412,488 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesAdmin.dll
[2013/02/20 12:35:26 | 000,148,808 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesHelper.dll
[2013/02/20 12:35:24 | 009,789,256 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunes.exe
[2013/02/20 12:35:08 | 022,970,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunes.dll
[2013/02/20 12:35:04 | 003,015,008 | ---- | C] (Gracenote, Inc.) -- C:\Program Files\gnsdk_dsp.dll
[2013/02/20 12:35:04 | 000,782,688 | ---- | C] (Gracenote, Inc.) -- C:\Program Files\gnsdk_sdkmanager.dll
[2013/02/20 12:35:04 | 000,269,152 | ---- | C] (Gracenote, Inc.) -- C:\Program Files\gnsdk_submit.dll
[2013/02/20 12:35:04 | 000,226,144 | ---- | C] (Gracenote, Inc.) -- C:\Program Files\gnsdk_musicid.dll

========== Files - Modified Within 30 Days ==========

[2013/04/05 19:35:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izabella\Desktop\OTL.exe
[2013/04/05 19:23:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525621531-1438105479-2784798899-1000UA.job
[2013/04/05 19:06:58 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 19:06:58 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 19:06:49 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/05 19:06:49 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/05 19:06:49 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/05 19:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/05 18:59:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/05 18:59:49 | 4229,779,454 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/05 01:59:42 | 078,313,856 | ---- | M] () -- C:\Users\Izabella\Desktop\BL copy.psd
[2013/04/05 01:59:26 | 003,765,623 | ---- | M] () -- C:\Users\Izabella\Desktop\BL2.jpg
[2013/04/05 01:59:14 | 078,312,962 | ---- | M] () -- C:\Users\Izabella\Desktop\BL.psd
[2013/04/04 17:23:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1525621531-1438105479-2784798899-1000Core.job
[2013/04/04 16:57:51 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2013/04/04 16:57:13 | 004,157,552 | ---- | M] ( ) -- C:\Users\Izabella\Desktop\hwmonitor_1.21-setup.exe
[2013/04/04 16:03:20 | 000,039,652 | ---- | M] () -- C:\Users\Izabella\Desktop\cc_20130404_160259.reg
[2013/04/04 00:14:49 | 000,000,121 | ---- | M] () -- C:\Windows\wininit.ini
[2013/04/03 03:01:34 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/03 03:01:34 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/29 11:18:09 | 000,000,988 | ---- | M] () -- C:\Users\Izabella\Desktop\Dropbox.lnk
[2013/03/16 15:55:07 | 000,001,076 | ---- | M] () -- C:\Users\Izabella\Desktop\desktoptools.lnk
[2013/03/12 13:12:05 | 000,001,652 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2013/04/05 01:50:29 | 003,765,623 | ---- | C] () -- C:\Users\Izabella\Desktop\BL2.jpg
[2013/04/04 16:57:51 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2013/04/04 16:57:12 | 004,157,552 | ---- | C] ( ) -- C:\Users\Izabella\Desktop\hwmonitor_1.21-setup.exe
[2013/04/04 16:03:08 | 000,039,652 | ---- | C] () -- C:\Users\Izabella\Desktop\cc_20130404_160259.reg
[2013/04/04 01:15:16 | 078,313,856 | ---- | C] () -- C:\Users\Izabella\Desktop\BL copy.psd
[2013/04/04 00:14:49 | 000,000,121 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/04 00:01:21 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/04/03 19:38:55 | 078,312,962 | ---- | C] () -- C:\Users\Izabella\Desktop\BL.psd
[2013/04/03 03:01:34 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/03 03:01:34 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/16 15:55:07 | 000,001,076 | ---- | C] () -- C:\Users\Izabella\Desktop\desktoptools.lnk
[2013/03/12 13:12:05 | 000,001,652 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/20 13:15:56 | 000,122,375 | ---- | C] () -- C:\Program Files\Acknowledgements.rtf
[2012/09/01 14:51:32 | 000,000,132 | ---- | C] () -- C:\Users\Izabella\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/05/30 15:42:28 | 000,000,132 | ---- | C] () -- C:\Users\Izabella\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/04/10 16:05:34 | 000,000,132 | ---- | C] () -- C:\Users\Izabella\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012/04/05 21:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/05 21:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/07 14:24:08 | 000,000,026 | -H-- | C] () -- C:\ProgramData\.811261211181235583101118113995
[2012/02/17 14:53:02 | 000,001,456 | ---- | C] () -- C:\Users\Izabella\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/01/19 23:38:32 | 000,000,077 | ---- | C] () -- C:\Windows\EART730.ini
[2011/12/31 20:09:49 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/12/29 03:31:59 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/28 22:07:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/21 21:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/21 21:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/21 21:27:54 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/10/21 21:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/21 21:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/12 19:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 09:27:25 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 08:21:19 | 012,859,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/12/31 20:47:38 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Autodesk
[2012/01/06 00:39:39 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/04/03 23:31:08 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Dropbox
[2013/02/12 20:28:10 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Epson
[2012/05/30 22:10:21 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\FileZilla
[2012/02/27 14:29:46 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Final Draft
[2012/01/09 15:00:28 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Foxit Software
[2012/05/27 17:03:05 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Greyfirst
[2012/01/20 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Leader Technologies
[2012/01/19 23:47:32 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Leadertech
[2013/01/18 16:20:48 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Nitro PDF
[2012/05/26 00:09:55 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\OpenCandy
[2012/05/26 00:12:37 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\PrimoPDF
[2013/02/07 00:36:57 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\SendSpace Wizard
[2012/01/01 21:18:55 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\Splashtop
[2012/02/25 14:29:33 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/04 13:46:04 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
I just realized that I tried to use a title that is too long and the shortened result is incomprehensible. Is it possible to alter the thread title? If not, then sad =(

Oh never mind. I'm just overthinking things. Will stick to this title.

Edited by th1nker, 06 April 2013 - 11:12 AM.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi I cannot see a great deal there apart from adware. If this does not improve it we will look at the system

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2801948
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylo...00014dae9b09bd0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylo...00014dae9b09bd0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2801948
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00014dae9b09bd0
IE - HKCU\..\SearchScopes\{3B4970A3-98D3-4726-A793-75830D35DEA5}: "URL" = http://websearch.ask...FA-A0CCD1328A26
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2801948
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8kQ4D1a8&i=26
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
[2012/09/19 16:37:46 | 000,002,223 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\BabylonMngr.xml
[2012/05/30 08:46:12 | 000,000,915 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\conduit.xml
[2012/02/23 17:00:35 | 000,002,203 | ---- | M] () -- C:\Users\Izabella\AppData\Roaming\Mozilla\Firefox\Profiles\sx8ay3nc.default\searchplugins\MyStart Search.xml
[2012/09/19 16:37:40 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2012/03/07 14:24:08 | 000,000,026 | -H-- | C] () -- C:\ProgramData\.811261211181235583101118113995
[2012/05/26 00:09:55 | 000,000,000 | ---D | M] -- C:\Users\Izabella\AppData\Roaming\OpenCandy

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#4
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
My sister and I became a little impatient (our fault) and started thinking that we weren't going to get a reply. Well, we ended up reinstalling windows 7 after formatting the main drive, and the problems are still occurring and began pretty much immediately. I'm worried that it might be due to hardware damage. I would run your fix, but I think that the reinstall might have changed the circumstances - correct me if you still want me to run it. I'm sorry for deviating from your plan, should I post a new OTL log?
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem .. Run a fresh OTL scan

Although I think your thoughts about hardware may be correct
  • 0

#6
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Okay, so here's an updated OTL and Extras. This is after a format and reinstall of Win7. I still have an unformatted drive I used to store music and other things so I'm just hoping that has nothing to do with it. If it is a hardware issue, do you have any idea how to isolate which component it is? I'm kind of leaning between PSU, mobo, and ram, but I have no idea how to find out which it is. OTL and Extras below:

OTL

OTL logfile created on: 4/7/2013 4:24:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izabelle\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.80 Gb Available Physical Memory | 86.67% Memory free
31.84 Gb Paging File | 29.38 Gb Available in Paging File | 92.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 46.01 Gb Free Space | 38.62% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 810.62 Gb Free Space | 87.02% Space Free | Partition Type: NTFS
Drive E: | 170.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 931.51 Gb Total Space | 739.25 Gb Free Space | 79.36% Space Free | Partition Type: NTFS

Computer Name: IZZIPICS | User Name: Izabelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/07 16:24:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izabelle\Desktop\OTL.exe
PRC - [2013/03/26 22:18:14 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/04/30 00:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/13 09:42:54 | 001,799,168 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\Center.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2009/06/17 16:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2009/05/21 15:09:04 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/07 03:38:45 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e7e3902987fea327bf0cd6e25ef958c0\IAStorUtil.ni.dll
MOD - [2013/04/07 03:38:45 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\7087986a1294e20a2372a0c9a6ce1488\IAStorCommon.ni.dll
MOD - [2013/03/26 22:18:17 | 003,143,576 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/20 23:49:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010/11/20 23:48:49 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/20 23:48:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/20 23:48:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010/11/20 23:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/20 23:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/20 23:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/20 23:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/10/12 16:09:44 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/17 18:03:44 | 000,552,832 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/26 22:18:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 15:09:04 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\WLAN Card Utilities\ASWLCCSVC.exe -- (ASWLCCSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/10/12 16:56:18 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/12 15:30:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/06/06 18:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/04/26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 23:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/14 05:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/07 05:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/03/07 05:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/01/13 07:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/14 13:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/02/12 17:42:28 | 001,104,672 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/10/28 10:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PCASp50.sys -- (PCASp50)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/04/07 16:13:11 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013/04/07 03:48:55 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009/10/28 10:59:08 | 000,045,752 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\PCASp50.sys -- (PCASp50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 33 D7 AF 64 33 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/07 03:52:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/04/07 03:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izabelle\AppData\Roaming\Mozilla\Extensions
[2013/04/07 03:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/26 22:18:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/26 22:17:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/26 22:17:52 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/04/24 22:58:29 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Control Center] C:\Program Files (x86)\ASUS\WLAN Card Utilities\CenterAgent.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE /EPT "EPLTarget\P0000000000000000" /M "Artisan 730" File not found
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBA20337-9B35-4AB3-826D-22B4B0FF52E3}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/18 13:58:36 | 000,000,041 | RH-- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{17382fb3-9f59-11e2-a72b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{17382fb3-9f59-11e2-a72b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2009/01/04 23:17:24 | 000,377,648 | R--- | M] (EPSON America Inc.)
O33 - MountPoints2\{35ffea93-9f6d-11e2-a05b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{35ffea93-9f6d-11e2-a05b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/07 16:23:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Izabelle\Desktop\OTL.exe
[2013/04/07 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Leader Technologies
[2013/04/07 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Epson
[2013/04/07 12:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/04/07 12:59:22 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Apple Computer
[2013/04/07 12:59:22 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Apple Computer
[2013/04/07 12:59:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/04/07 12:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/04/07 12:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/04/07 12:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/04/07 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/04/07 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/04/07 12:59:00 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Apple
[2013/04/07 12:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/04/07 12:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/04/07 12:58:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/04/07 12:58:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/04/07 12:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/04/07 12:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/04/07 12:54:22 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Leadertech
[2013/04/07 12:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LTCM Client
[2013/04/07 12:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2013/04/07 12:48:32 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
[2013/04/07 12:48:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson America Inc
[2013/04/07 12:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\EPSON
[2013/04/07 12:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2013/04/07 12:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2013/04/07 12:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2013/04/07 12:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2013/04/07 12:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2013/04/07 12:43:43 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\RESUMES
[2013/04/07 12:42:58 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\PORTFOLIO
[2013/04/07 12:42:48 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\MY SHORTS
[2013/04/07 12:42:34 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\MY SCRIPTS
[2013/04/07 12:41:58 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\MY MANUSCRIPTS
[2013/04/07 12:40:44 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\MERCHANDISE
[2013/04/07 12:40:35 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\LITERATURE
[2013/04/07 12:39:58 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\FILM PROJECTS
[2013/04/07 12:38:25 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Documents\Downloads
[2013/04/07 12:36:51 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\BOOK PROJECTS
[2013/04/07 12:30:02 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\Documents\MY ART
[2013/04/07 12:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013/04/07 12:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/04/07 12:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/04/07 12:25:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/04/07 12:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/04/07 12:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/04/07 12:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Photoshop CS5.1 Extended Edition
[2013/04/07 12:09:11 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Macromedia
[2013/04/07 12:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/04/07 12:08:11 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Adobe
[2013/04/07 12:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/04/07 12:07:37 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Adobe
[2013/04/07 07:23:14 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/04/07 06:23:47 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/04/07 06:23:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/04/07 04:04:00 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Malwarebytes
[2013/04/07 04:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/07 04:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/07 04:03:50 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/07 04:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/07 04:03:43 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Programs
[2013/04/07 04:02:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/04/07 04:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/04/07 03:52:20 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Mozilla
[2013/04/07 03:52:20 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Mozilla
[2013/04/07 03:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/04/07 03:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/04/07 03:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/04/07 03:49:38 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Desktop\Security & Maintenance
[2013/04/07 03:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2013/04/07 03:47:50 | 000,045,752 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysNative\drivers\PCASp50.sys
[2013/04/07 03:47:35 | 001,104,672 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2013/04/07 03:47:35 | 000,311,072 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2013/04/07 03:47:35 | 000,061,440 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysWow64\ASUSW32N50.dll
[2013/04/07 03:47:35 | 000,045,752 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysWow64\drivers\PCASp50.sys
[2013/04/07 03:47:35 | 000,016,269 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysWow64\ASNDIS5.sys
[2013/04/07 03:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013/04/07 03:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013/04/07 03:44:08 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Intel Corporation
[2013/04/07 03:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/04/07 03:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2013/04/07 03:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2013/04/07 03:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2013/04/07 03:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2013/04/07 03:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2013/04/07 03:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013/04/07 03:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2013/04/07 03:38:48 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2013/04/07 03:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2013/04/07 03:38:41 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\InstallShield
[2013/04/07 03:37:25 | 000,413,800 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/04/07 03:37:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/04/07 03:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/04/07 03:37:19 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/04/07 03:37:18 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/04/07 03:37:18 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/04/07 03:37:18 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/04/07 03:37:18 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/04/07 03:37:16 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/04/07 03:37:16 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/04/07 03:37:16 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/04/07 03:37:16 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/04/07 03:37:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/04/07 03:37:15 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/04/07 03:37:10 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/04/07 03:37:09 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/04/07 03:36:52 | 001,943,616 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/04/07 03:36:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/04/07 03:36:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/04/07 03:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/04/07 03:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/04/07 03:36:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013/04/07 03:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013/04/07 03:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/04/07 03:35:50 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/04/07 03:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/04/07 03:35:46 | 000,000,000 | ---D | C] -- C:\Intel
[2013/04/07 03:33:48 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\ATI
[2013/04/07 03:33:48 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\ATI
[2013/04/07 03:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/04/07 03:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/04/07 03:32:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/04/07 03:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/04/07 03:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/04/07 03:32:31 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2013/04/07 03:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/04/07 03:32:05 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/04/07 03:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/04/07 03:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/04/07 03:29:11 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/04/07 03:29:11 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Searches
[2013/04/07 03:29:11 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/04/07 03:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Izabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/04/07 03:29:06 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Identities
[2013/04/07 03:29:05 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Contacts
[2013/04/07 03:29:04 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\VirtualStore
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\AppData\Local\Temporary Internet Files
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Templates
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Start Menu
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\SendTo
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Recent
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\PrintHood
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\NetHood
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Documents\My Videos
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Documents\My Pictures
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Documents\My Music
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\My Documents
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Local Settings
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\AppData\Local\History
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Cookies
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\Application Data
[2013/04/07 03:29:03 | 000,000,000 | -HSD | C] -- C:\Users\Izabelle\AppData\Local\Application Data
[2013/04/07 03:29:03 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Temp
[2013/04/07 03:29:03 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Local\Microsoft
[2013/04/07 03:29:03 | 000,000,000 | ---D | C] -- C:\Users\Izabelle\AppData\Roaming\Media Center Programs
[2013/04/07 03:29:02 | 000,000,000 | --SD | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Videos
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Saved Games
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Pictures
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Music
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Links
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Favorites
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Downloads
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Documents
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\Desktop
[2013/04/07 03:29:02 | 000,000,000 | R--D | C] -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/04/07 03:29:02 | 000,000,000 | -H-D | C] -- C:\Users\Izabelle\AppData
[2013/04/07 03:29:00 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/04/07 03:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2013/04/07 16:24:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izabelle\Desktop\OTL.exe
[2013/04/07 16:20:05 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/07 16:20:05 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/07 16:20:05 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/07 16:13:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/07 16:13:04 | 4229,779,454 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/07 13:18:38 | 000,019,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/07 13:18:38 | 000,019,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/07 13:16:37 | 004,826,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/07 13:05:09 | 000,000,094 | ---- | M] () -- C:\Windows\EART730.ini
[2013/04/07 12:59:22 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/07 12:53:17 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Artisan 730 User's Guide.lnk
[2013/04/07 12:52:44 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Print CD.lnk
[2013/04/07 12:47:34 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2013/04/07 12:36:18 | 000,001,745 | ---- | M] () -- C:\Users\Izabelle\Desktop\Photoshop - Shortcut.lnk
[2013/04/07 12:08:09 | 000,001,514 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2013/04/07 06:24:57 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/04/07 06:24:57 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/04/07 04:04:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/04/07 04:02:11 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/04/07 03:51:14 | 000,001,433 | ---- | M] () -- C:\Users\Izabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/07 03:48:55 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013/04/07 03:48:55 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013/04/07 03:34:44 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2013/04/07 03:33:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin

========== Files Created - No Company Name ==========

[2013/04/07 12:59:22 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/07 12:59:00 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/04/07 12:53:17 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Artisan 730 User's Guide.lnk
[2013/04/07 12:53:17 | 000,001,958 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LTCM Client.lnk
[2013/04/07 12:52:44 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Print CD.lnk
[2013/04/07 12:47:34 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2013/04/07 12:46:42 | 000,000,094 | ---- | C] () -- C:\Windows\EART730.ini
[2013/04/07 12:36:18 | 000,001,745 | ---- | C] () -- C:\Users\Izabelle\Desktop\Photoshop - Shortcut.lnk
[2013/04/07 12:27:42 | 000,001,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
[2013/04/07 12:27:31 | 000,001,219 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
[2013/04/07 12:27:02 | 000,001,181 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2013/04/07 12:26:54 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2013/04/07 12:25:53 | 000,001,375 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2013/04/07 12:25:50 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2013/04/07 12:25:37 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/04/07 12:08:09 | 000,001,526 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2013/04/07 12:08:09 | 000,001,514 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2013/04/07 06:24:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/04/07 06:24:50 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/04/07 06:23:39 | 4229,779,454 | -HS- | C] () -- C:\hiberfil.sys
[2013/04/07 04:04:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/04/07 04:02:11 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/04/07 04:02:06 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/04/07 03:52:18 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/04/07 03:51:14 | 000,001,433 | ---- | C] () -- C:\Users\Izabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/07 03:47:35 | 000,015,577 | ---- | C] () -- C:\Windows\SysWow64\ASNDIS3.vxd
[2013/04/07 03:47:35 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2013/04/07 03:44:18 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2013/04/07 03:44:18 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2013/04/07 03:39:39 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2013/04/07 03:39:39 | 000,021,104 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2013/04/07 03:39:36 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2013/04/07 03:39:36 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013/04/07 03:37:25 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013/04/07 03:36:27 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/04/07 03:36:27 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2013/04/07 03:36:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2013/04/07 03:36:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2013/04/07 03:36:27 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2013/04/07 03:36:27 | 000,218,304 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2013/04/07 03:36:27 | 000,211,082 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013/04/07 03:36:27 | 000,197,902 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013/04/07 03:36:27 | 000,182,514 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013/04/07 03:36:27 | 000,179,992 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2013/04/07 03:36:27 | 000,156,057 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013/04/07 03:36:27 | 000,152,994 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013/04/07 03:36:27 | 000,148,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013/04/07 03:36:27 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2013/04/07 03:36:27 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2013/04/07 03:36:27 | 000,140,077 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013/04/07 03:36:27 | 000,138,572 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013/04/07 03:36:27 | 000,137,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013/04/07 03:36:27 | 000,137,506 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013/04/07 03:36:27 | 000,136,449 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013/04/07 03:36:27 | 000,135,519 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013/04/07 03:36:27 | 000,135,222 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013/04/07 03:36:27 | 000,134,686 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013/04/07 03:36:27 | 000,134,272 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013/04/07 03:36:27 | 000,134,238 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013/04/07 03:36:27 | 000,133,706 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013/04/07 03:36:27 | 000,133,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013/04/07 03:36:27 | 000,133,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013/04/07 03:36:27 | 000,133,014 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013/04/07 03:36:27 | 000,132,752 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013/04/07 03:36:27 | 000,132,650 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013/04/07 03:36:27 | 000,131,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013/04/07 03:36:27 | 000,128,863 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013/04/07 03:36:27 | 000,128,667 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013/04/07 03:36:27 | 000,128,407 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013/04/07 03:36:27 | 000,123,921 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013/04/07 03:36:27 | 000,117,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013/04/07 03:36:27 | 000,116,233 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013/04/07 03:36:27 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2013/04/07 03:36:27 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013/04/07 03:36:27 | 000,059,243 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2013/04/07 03:36:27 | 000,059,174 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2013/04/07 03:36:27 | 000,059,062 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2013/04/07 03:36:27 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/04/07 03:36:27 | 000,017,272 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013/04/07 03:36:27 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013/04/07 03:36:27 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013/04/07 03:34:44 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013/04/07 03:33:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/04/07 03:32:31 | 000,198,664 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/04/07 03:32:31 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/04/07 03:32:31 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/04/07 03:32:15 | 000,035,707 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/04/07 03:29:29 | 000,001,405 | ---- | C] () -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/04/07 03:29:28 | 000,001,439 | ---- | C] () -- C:\Users\Izabelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/04/07 03:29:03 | 000,000,290 | ---- | C] () -- C:\Users\Izabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/04/07 03:29:03 | 000,000,272 | ---- | C] () -- C:\Users\Izabelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/10/12 16:16:30 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 23:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 23:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/07 13:16:50 | 000,000,000 | ---D | M] -- C:\Users\Izabelle\AppData\Roaming\Epson
[2013/04/07 13:16:50 | 000,000,000 | ---D | M] -- C:\Users\Izabelle\AppData\Roaming\Leader Technologies
[2013/04/07 12:54:22 | 000,000,000 | ---D | M] -- C:\Users\Izabelle\AppData\Roaming\Leadertech

========== Purity Check ==========



< End of report >


Extras

OTL Extras logfile created on: 4/7/2013 4:24:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izabelle\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.80 Gb Available Physical Memory | 86.67% Memory free
31.84 Gb Paging File | 29.38 Gb Available in Paging File | 92.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 46.01 Gb Free Space | 38.62% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 810.62 Gb Free Space | 87.02% Space Free | Partition Type: NTFS
Drive E: | 170.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 931.51 Gb Total Space | 739.25 Gb Free Space | 79.36% Space Free | Partition Type: NTFS

Computer Name: IZZIPICS | User Name: Izabelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CD09BC-A6E8-4085-8E40-E18689F55EB3}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{2D218EA4-2EB8-411D-80E2-A85EF626029C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2F13C43B-BB30-47C0-BAD1-117E7DF8C2B3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3C843C41-FD4D-48CE-BF3C-8E772A8D216F}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"{61F1C64C-ECBA-423A-B2FE-725333AFABFB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{716C151D-42A9-4DC9-9E51-674C85DFC81E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{858099C0-1D87-488B-9ED7-551E4A77F941}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8F5FECA-E413-4497-AD62-458BE5CB2E8F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0210B563-198E-5A4B-E757-7BC4AC7677F8}" = AMD AVIVO64 Codecs
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4667346F-97F1-4012-B454-A3FF46BE738D}" = AMD Media Foundation Decoders
"{49384799-E541-8F8D-B376-4F8AD3AACC24}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CCE9E238-0912-1D72-C1AA-0CE3B30EA5E0}" = AMD Catalyst Install Manager
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E88BF02C-A112-EFE3-23DC-68901A56C647}" = ccc-utility64
"EPSON Artisan 730 Series" = EPSON Artisan 730 Series Printer Uninstall
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01755517-95CC-18BA-7946-947F61BA72BF}" = CCC Help Spanish
"{01E1040A-9DE6-0B93-A219-7EF7B0199FC6}" = CCC Help Norwegian
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08761EEC-E058-0991-016E-7CC297BD0E39}" = CCC Help Portuguese
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F340F0F-BC84-B83C-F913-E3C403B21528}" = CCC Help English
"{20D2E763-524F-37DB-A942-71B303A5AE48}" = CCC Help Italian
"{2379CBAE-CB0F-1A86-65CF-F93F50B97926}" = CCC Help Danish
"{2F8F271F-320F-1034-F773-91944715F291}" = CCC Help Chinese Traditional
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3575A82F-0492-F581-78A5-0C597CB021E3}" = CCC Help Hungarian
"{36205E88-3A30-4C99-4DB5-64D6A773F37E}" = CCC Help French
"{391DA956-B5BE-DD07-0FF0-3154DFA5D2C7}" = CCC Help Dutch
"{3AA676C0-4497-FD46-1FB2-E033B7BE7259}" = CCC Help Turkish
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{41BE0C50-7E18-CB63-9AA2-48645FDBDE95}" = CCC Help Thai
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4C98EE93-7E6E-C89C-582E-DA9BFB86FFA7}" = CCC Help Chinese Standard
"{5733100B-19AC-9DBF-6EB6-8E3114B1D04D}" = CCC Help German
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{679C52D8-E5BB-5C41-3531-C4AF49F10704}" = CCC Help Czech
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9919CA95-65AC-A53D-EA91-144AE8C6E418}" = Catalyst Control Center InstallProxy
"{9A0CE116-AA9B-3B2A-7B11-89B9AEEBA49C}" = CCC Help Polish
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{B1D19875-7F88-1C4A-311F-143FD3A7E5B1}" = CCC Help Russian
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3F0744A-0DD0-402D-9B95-B78D376363D5}" = CCC Help Greek
"{B4CC847C-FE70-0139-A04E-79DC639AE320}" = CCC Help Swedish
"{B55967A7-7E8F-158E-42FB-390E930C2FE3}" = CCC Help Korean
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D6D46D46-9ED3-5238-D36A-B8A7F7F290A3}" = CCC Help Finnish
"{D6D62F1D-E3D6-E982-48B4-A20663B1FB7D}" = HydraVision
"{D8AA9719-3734-3AF0-6275-1F658C30F8BC}" = Catalyst Control Center Graphics Previews Common
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E95FB039-009E-7927-F0F1-28037D857110}" = Catalyst Control Center
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B5069A-8F13-B423-D6D7-A3A2E97E9DB7}" = Catalyst Control Center Localization All
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9612AA5-0B25-24A2-2D3E-5B64C6339E34}" = CCC Help Japanese
"Adobe AIR" = Adobe AIR
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"EPSON Scanner" = EPSON Scan
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"LTCM Client" = LTCM Client
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Mozilla Firefox 20.0 (x86 en-US)" = Mozilla Firefox 20.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/7/2013 3:10:55 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 3:10:55 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 3:11:15 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 3:12:28 PM | Computer Name = IzziPics | Source = WinMgmt | ID = 10
Description =

Error - 4/7/2013 4:13:27 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 4:13:27 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 4:13:48 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 4:15:00 PM | Computer Name = IzziPics | Source = WinMgmt | ID = 10
Description =

Error - 4/7/2013 4:26:22 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 4/7/2013 4:26:22 PM | Computer Name = IzziPics | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ System Events ]
Error - 4/7/2013 3:41:26 AM | Computer Name = IzziPics | Source = Service Control Manager | ID = 7030
Description = The Smart TimeLock Service service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.

Error - 4/7/2013 3:42:07 AM | Computer Name = IzziPics | Source = Service Control Manager | ID = 7030
Description = The DES2 Service for Energy Saving. service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.

Error - 4/7/2013 3:43:54 AM | Computer Name = IzziPics | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:42:45 AM on ?4/?7/?2013 was unexpected.

Error - 4/7/2013 3:47:47 AM | Computer Name = IzziPics | Source = Service Control Manager | ID = 7000
Description = The ASNDIS4 Protocol Driver service failed to start due to the following
error: %%2

Error - 4/7/2013 12:13:53 PM | Computer Name = IzziPics | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:09:54 PM on ?4/?7/?2013 was unexpected.

Error - 4/7/2013 1:16:34 PM | Computer Name = IzziPics | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:12:48 PM on ?4/?7/?2013 was unexpected.

Error - 4/7/2013 3:10:38 PM | Computer Name = IzziPics | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:15:27 PM on ?4/?7/?2013 was unexpected.

Error - 4/7/2013 4:13:10 PM | Computer Name = IzziPics | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:09:31 PM on ?4/?7/?2013 was unexpected.


< End of report >
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Log looks clean, OK lets check the memory first

1. Open Memory Diagnostics Tool by clicking the Start button, and then clicking Control Panel.
2. In the search box, type Memory, and then click Diagnose your computer's memory problems.‌ Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
3..Choose when to run the tool.


  • 0

#8
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
We ran the memory test as you showed. The test completed and the computer restarted. Is that a good thing?
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did it report any errors ?

Next would be a chk disc
There is a step by step guide here

These are the two easiest elements to check
  • 0

#10
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Memory test did not report any errors, it just automatically restarted the computer when it was done. I started working on Photoshop, came back to this page to check your reply and it froze again... I clicked to reboot and it made a long jerking sound (I was playing music) and then it restarted. This happened before, the freeze and the sound. I ran the disc check and the computer restarted automatically as well. I didn't see it report any errors or anything... How are we standing?
  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

. I started working on Photoshop, came back to this page to check your reply and it froze again... I clicked to reboot and it made a long jerking sound

Ensure all you data is backed up as the HSDD could be going

What is the make and model of your computer ? As there may be a drive diagnostic for it
  • 0

#12
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
It is a custom built computer. I know all of the parts for it. Should I tell you the make/model of the drive?

Data is already backed up. What do you mean by HSDD?
  • 0

#13
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Was working in Photoshop and I just got the blue screen of death... Happened before, took a photo if you want to see it...
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Oops bad spelling on my part I meant HDD (hard disc drive)

Yes a piccy may help
  • 0

#15
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Copy that.

Attaching blue screen pic.

When I shut down last night it uploaded about 97 updates, kept loading until morning then froze, I had to restart again... Just installed Windows 7 on it 2 days ago, so maybe that's why.

Hung two more times this morning.

Edited by th1nker, 08 April 2013 - 12:12 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP