Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Too much BSOD in few days!


  • Please log in to reply

#1
Maleece

Maleece

    New Member

  • Member
  • Pip
  • 1 posts
Hi there!

I've got theses problem recently on my computer :

"Thread tried to release a resource it did not own"
"Page fault in non page area "

And many more. I've run an OTL and give me this.

Thanks a lot!

Computer :
Windows 7 Family Premium Edition
Processor Intel® Core™2 Quad CPU Q6600 @ 2.40GHz 2.40GHz
RAM: 6.00Go
System: 64 bits
Graphic Card : NVIDIA GeForce GTX 560 Ti



OTL logfile created on: 2013-08-03 14:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Annie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

6,00 Gb Total Physical Memory | 4,30 Gb Available Physical Memory | 71,61% Memory free
11,99 Gb Paging File | 10,13 Gb Available in Paging File | 84,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 266,70 Gb Total Space | 100,52 Gb Free Space | 37,69% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 3,94 Gb Free Space | 39,38% Space Free | Partition Type: NTFS
Drive F: | 21,34 Gb Total Space | 21,21 Gb Free Space | 99,40% Space Free | Partition Type: NTFS

Computer Name: ANNIE-PC | User Name: Annie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Annie\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
PRC - C:\Users\Annie\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\9a5879b4dd5bbfb9ddf7b3c3557705d8\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\3bd9827250aa3b940842ad88faeea546\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\e530f142251fb9ed307b2c680bc3e59c\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a6c1bfa66e0c02057bd59138e48db3ad\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cb4cf75e03a2ece5f14766e9175f47e6\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\88b9d1c2090f7f3e0e61833ec101923c\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\860349acf665c9efa5de11e159a8bb8a\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\203d9fcb7dfa54b7923d01ca8bfea8d0\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\67dd6be3025ef27a6c035a656ae85b63\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ec4178796e7d9e9b088b26997a6dc866\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9d6e1198b5cf137fc0d97f0930fd3e4\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02309fbbabbd12cfb07d79a684f4c821\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6af6587a49ca918291917ca318dabbbc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\af542b07d5ab8851604628f895888336\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\fbd506dcd9a25540d1e5bf95c7bcd896\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c0a3dbd8b8c2033b811036ff7043ef3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WTabletServiceCon) -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\drivers\wachidrouter.sys (Wacom Technology)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys (Wacom Technology)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (slb) -- C:\AeriaGames\ScarletBlade\avital\scarlb64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...&st=home&tid=77
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...&st=home&tid=77
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...&st=home&tid=77
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...&st=home&tid=77
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.certif...&st=home&tid=77
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/de....aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 A8 80 C8 83 B8 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...&st=home&tid=77
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...&st=home&tid=77
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Annie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)


[2013-07-27 15:39:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Annie\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.certif...&st=home&tid=77
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Documents Google = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Gmail = C:\Users\Annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Annie\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B7058EA-D870-40C2-A57F-1C7CBCA80211}: DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-07-29 21:46:53 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Roaming\Nekobolt
[2013-07-29 21:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013-07-29 21:45:10 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baking Success
[2013-07-29 21:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baking Success
[2013-07-29 21:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baking Success
[2013-07-29 21:43:37 | 000,000,000 | ---D | C] -- C:\BigFishCache
[2013-07-28 04:27:08 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Local\SecondLife
[2013-07-28 04:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2013-07-28 04:25:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer
[2013-07-27 15:39:51 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Roaming\Mozilla
[2013-07-27 15:39:25 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Local\Conduit
[2013-07-27 15:39:07 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Local\CRE
[2013-07-27 15:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013-07-23 16:51:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2013-07-23 16:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aeria Games
[2013-07-22 14:31:48 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Local\NVIDIA
[2013-07-22 14:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013-07-22 12:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm-Release
[2013-07-22 12:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firestorm-Release
[2013-07-21 20:04:04 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Local\SingularityViewer
[2013-07-21 20:04:04 | 000,000,000 | ---D | C] -- C:\Users\Annie\AppData\Roaming\SecondLife
[2013-07-21 20:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singularity Viewer
[2013-07-21 20:03:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Singularity
[2013-07-04 18:54:47 | 000,000,000 | ---D | C] -- C:\Users\Annie\Documents\Toxic Template
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-08-03 14:24:42 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-08-03 14:24:42 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-08-03 14:16:25 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-03 14:16:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-08-03 14:16:05 | 534,880,255 | -HS- | M] () -- C:\hiberfil.sys
[2013-08-03 13:56:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-03 13:16:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-08-03 10:08:59 | 004,901,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-08-03 03:36:20 | 000,000,132 | ---- | M] () -- C:\Users\Annie\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013-08-02 22:20:00 | 459,217,270 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-07-29 21:45:27 | 000,001,957 | ---- | M] () -- C:\Users\Public\Desktop\Play Baking Success.lnk
[2013-07-29 21:45:27 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2013-07-28 04:26:51 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2013-07-23 21:45:36 | 001,639,496 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-07-23 21:45:36 | 000,745,100 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013-07-23 21:45:36 | 000,651,982 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-07-23 21:45:36 | 000,148,618 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013-07-23 21:45:36 | 000,120,914 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-07-23 21:45:27 | 001,639,496 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-07-23 19:10:14 | 003,145,746 | ---- | M] () -- C:\Users\Annie\AZ_FrontWall.tga
[2013-07-23 16:51:28 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2013-07-22 12:55:31 | 000,001,321 | ---- | M] () -- C:\Users\Public\Desktop\Firestorm-Release.lnk
[2013-07-21 20:04:03 | 000,001,249 | ---- | M] () -- C:\Users\Public\Desktop\Singularity Viewer.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-07-29 21:45:27 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\Play Baking Success.lnk
[2013-07-29 21:45:27 | 000,001,258 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2013-07-28 04:26:51 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2013-07-23 19:10:13 | 003,145,746 | ---- | C] () -- C:\Users\Annie\AZ_FrontWall.tga
[2013-07-23 16:51:28 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Aeria Ignite.lnk
[2013-07-22 14:27:06 | 001,639,496 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-07-22 12:55:31 | 000,001,321 | ---- | C] () -- C:\Users\Public\Desktop\Firestorm-Release.lnk
[2013-07-21 20:04:03 | 000,001,249 | ---- | C] () -- C:\Users\Public\Desktop\Singularity Viewer.lnk
[2013-05-19 02:03:59 | 000,000,017 | ---- | C] () -- C:\Users\Annie\AppData\Local\resmon.resmoncfg
[2013-02-02 16:14:38 | 000,034,815 | ---- | C] () -- C:\Program Files (x86)\Common Files\plugin.crx
[2013-02-02 16:14:16 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2012-11-11 22:15:11 | 000,000,132 | ---- | C] () -- C:\Users\Annie\AppData\Roaming\Adobe PNG Format CS5 Prefs

========== ZeroAccess Check ==========

[2009-07-14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-05-25 14:31:33 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\.rainbowmachine
[2013-05-01 20:04:19 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\A2 Entertainment
[2013-01-01 13:02:21 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Aeria Games & Entertainment
[2013-06-03 21:50:39 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\AlawarEntertainment
[2013-04-12 18:16:36 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\AlawarSouthpoint
[2012-12-31 13:16:02 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\AlderGames
[2013-04-01 21:49:18 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Anino Games
[2012-12-17 15:51:44 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\anngames
[2013-01-28 10:57:21 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Anuman
[2013-05-05 14:23:03 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Awesomium
[2013-04-22 23:37:39 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Big Fish Games
[2013-05-25 14:51:35 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\cerasus.media
[2012-11-11 15:48:48 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012-11-17 22:00:35 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\com.gugga.radiomini
[2013-01-15 21:31:26 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\DAZ 3D
[2013-04-07 22:14:08 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\ERS Game Studios
[2013-01-19 10:48:07 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Farm Mania 2.1
[2013-04-24 06:24:14 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Firestorm
[2013-04-29 16:35:37 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\GameInvest
[2013-05-13 22:11:52 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\GameMill Entertainment
[2013-04-22 23:39:58 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\GOA
[2013-05-09 21:16:39 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Happy Artist Studio
[2013-04-19 22:21:46 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Ludia
[2012-12-25 17:58:01 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Meridian93
[2013-05-30 21:30:39 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Mumble
[2013-07-29 21:46:53 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Nekobolt
[2012-12-22 19:11:25 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\NGSLtd
[2012-12-30 10:36:34 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Oberon Games
[2013-04-29 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\PlayFirst
[2013-05-08 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Playrix Entertainment
[2013-07-21 20:07:33 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\SecondLife
[2013-04-28 09:58:44 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Sidewalk Games
[2013-04-28 01:10:39 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\SulusGames
[2013-04-28 10:21:16 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\TERA
[2013-04-15 01:39:46 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\UClick
[2013-05-12 09:27:15 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Unity
[2013-06-09 00:24:43 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\ViquaSoft
[2012-12-12 21:10:45 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\Wacom
[2012-11-12 19:39:34 | 000,000,000 | ---D | M] -- C:\Users\Annie\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP:413E2927
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:CAF8DAC8
@Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:8E9C9E8F
@Alternate Data Stream - 240 bytes -> C:\ProgramData\TEMP:5EC3C304
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:3790BACD
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:22741C1F
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:E11EAB84
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:0E8117B1
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:80E965A3
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:5F1019FF
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:6F55EB66
@Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:ADFAD95A
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:971DCCE2
@Alternate Data Stream - 218 bytes -> C:\ProgramData\TEMP:169E7AC5
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:A688EF17
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP:538B96B5
@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:CB959782
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:1ADC4BD5
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:AE289451
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9110335E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:426D1496
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:2640C43F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:640DDEFF
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:896FF808
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:38A0E181
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:271E16B0
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:A2B3764A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B317D7ED
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:2CB9631F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:9CF728A6
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:165AF2C6
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3ADE134E
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A69FAA24
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:DCB27118
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:993185CB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B01EC114
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:19C541B5
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D61EB62D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:B87050B0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:4B325725
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:217A2A36
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1011DA7C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:1D4A17AE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:97CA3B9E
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:28819F45
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:8B69E3C3
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:6677D85A
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:490BCC52

< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,007 posts
  • MVP
Did you get an Extras log when you ran OTL? IF so please copy and pste it into a reply.

If not:

Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
rsvpsp.dll
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
user32.dll
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%ProgramFiles%\WINDOWS NT\*.* /s
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.



Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP