
ThreeSloth

Members
  • Posts

    3

Everything posted by ThreeSloth

  1. Ok, after babysitting the process I had to kill MSE a few times and the scan finished.

     OTL logfile created on: 7/1/2012 12:33:52 PM - Run 1
     OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Goat\Desktop
     64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
     Internet Explorer (Version = 9.0.8112.16421)
     Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     12.00 Gb Total Physical Memory | 10.58 Gb Available Physical Memory | 88.21% Memory free
     35.99 Gb Paging File | 34.60 Gb Available in Paging File | 96.13% Paging File free
     Paging file location(s): c:\pagefile.sys 0 0l:\pagefile.sys 0 0 [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 179.45 Gb Total Space | 67.03 Gb Free Space | 37.35% Space Free | Partition Type: NTFS
     Drive D: | 14.53 Gb Total Space | 14.19 Gb Free Space | 97.66% Space Free | Partition Type: NTFS
     Drive E: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
     Drive F: | 558.89 Gb Total Space | 331.74 Gb Free Space | 59.36% Space Free | Partition Type: NTFS
     Drive I: | 74.51 Gb Total Space | 0.41 Gb Free Space | 0.54% Space Free | Partition Type: FAT32
     Drive K: | 1863.01 Gb Total Space | 96.93 Gb Free Space | 5.20% Space Free | Partition Type: NTFS
     Drive L: | 279.45 Gb Total Space | 7.59 Gb Free Space | 2.72% Space Free | Partition Type: NTFS
     Drive N: | 100.01 Gb Total Space | 18.45 Gb Free Space | 18.45% Space Free | Partition Type: NTFS

     Computer Name: BYZANTIUM | User Name: Goat | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/01 12:18:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Goat\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/04/05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2012/04/05 19:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2010/11/20 06:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:64bit: - [2010/04/15 19:02:06 | 002,430,304 | ---- | M] (Diskeeper Corporation) [Auto | Stopped] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper) SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (wuauserv) SRV - [2012/06/26 20:24:06 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/06/16 02:30:59 | 000,257,224 | ---- | 
M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/05/27 23:24:06 | 001,859,584 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2011/10/25 00:03:21 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/11/20 05:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010/07/01 04:45:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/18 19:31:26 | 000,072,304 | R--- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe -- (ES lite Service) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/10 03:57:56 | 000,605,976 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/05 22:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012/04/05 18:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0) DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/23 05:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/23 21:28:35 | 000,502,256 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/06/01 16:32:34 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2010/06/01 16:32:34 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter) DRV:64bit: - [2010/06/01 16:32:33 | 000,235,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2010/06/01 16:32:32 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman) DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/04/21 15:59:16 | 000,073,216 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse) DRV:64bit: - [2010/04/09 14:17:24 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:64bit: - [2010/04/09 14:17:20 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:64bit: - [2010/04/06 16:30:20 | 000,021,544 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010/03/10 11:29:28 | 000,052,144 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DKRtWrt.sys -- (DKRtWrt) DRV:64bit: - [2010/03/09 19:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2010/01/27 01:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009/12/21 12:56:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009/11/20 04:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2009/11/20 04:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2009/11/11 17:44:26 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64) DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2012/07/01 12:25:50 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010/08/15 13:35:51 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010/08/15 13:33:43 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2010/07/01 04:44:34 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes] IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 BD 00 2B 66 F9 CA 01 [binary data] IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\..\SearchScopes,DefaultScope = {8203D70F-899F-4341-8996-3F850C354306} IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\..\SearchScopes\{8203D70F-899F-4341-8996-3F850C354306}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms} IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: G:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.3: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.3\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: 
C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) ========== Chrome ========== CHR - default_search_provider: Bing (Enabled) CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms} CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Goat\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U21 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: 
QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.3\npesnsonar.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = G:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: YouTube = C:\Users\Goat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\Goat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AdBlock = C:\Users\Goat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.37_0\ CHR - Extension: Gmail = C:\Users\Goat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/06/30 21:27:54 | 000,000,808 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3 - HKU\S-1-5-21-1371545983-2961928761-602670508-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe" File not found O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\NagaTray.exe (Razer USA Ltd) O4 - HKLM..\Run: [searchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe" File not found O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1371545983-2961928761-602670508-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{090D488E-4431-402F-A819-E0BFE996257F}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM 
Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/07/14 02:29:38 | 000,000,122 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{1c34b3df-655d-11df-8c97-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1c34b3df-655d-11df-8c97-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2009/07/14 02:29:38 | 000,106,760 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{71e79002-7eb0-11df-9ccc-000fb5444cb4}\Shell - "" = AutoRun O33 - MountPoints2\{71e79002-7eb0-11df-9ccc-000fb5444cb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a O33 - MountPoints2\{bc374e2e-65d0-11df-8f9c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{bc374e2e-65d0-11df-8f9c-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Run.exe O33 - MountPoints2\{eab1ee37-f782-11df-966a-000fb5444cb4}\Shell\Option1\Command - "" = M:\HBCD\Wintools\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/07/01 12:17:53 | 000,595,968 | ---- | C] 
(OldTimer Tools) -- C:\Users\Goat\Desktop\OTL.exe [2012/07/01 02:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012/07/01 02:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012/06/30 21:09:57 | 000,000,000 | ---D | C] -- C:\Users\Goat\DoctorWeb [2012/06/30 17:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/06/26 15:16:58 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware [2012/06/19 19:43:12 | 000,167,696 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys [2012/06/14 13:25:56 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2012/06/13 10:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012/06/13 10:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012/06/13 10:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012/06/13 10:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012/06/01 13:03:56 | 000,000,000 | ---D | C] -- C:\Users\Goat\Documents\Image Data Converter SR ========== Files - Modified Within 30 Days ========== [2012/07/01 12:32:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/01 12:32:02 | 1071,816,702 | -HS- | M] () -- C:\hiberfil.sys [2012/07/01 12:27:42 | 000,029,220 | ---- | M] () -- C:\Windows\SysWow64\jcsball.dat [2012/07/01 12:27:42 | 000,008,284 | ---- | M] () -- C:\Windows\SysWow64\jcsb.new [2012/07/01 12:27:42 | 000,005,365 | ---- | M] () -- C:\Windows\SysWow64\jerror.dat [2012/07/01 12:25:29 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/01 12:18:00 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Goat\Desktop\OTL.exe [2012/07/01 02:51:05 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/07/01 02:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/01 02:50:24 | 
000,743,364 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/07/01 02:50:24 | 000,626,290 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/07/01 02:50:24 | 000,107,566 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/07/01 02:49:21 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/01 02:49:21 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/01 02:47:32 | 000,729,706 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/07/01 02:45:35 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2012/07/01 02:21:38 | 000,003,364 | ---- | M] () -- C:\Users\Goat\Desktop\firewall.reg [2012/07/01 02:20:38 | 000,001,495 | ---- | M] () -- C:\Users\Goat\Desktop\bfe.reg [2012/07/01 00:36:45 | 007,765,074 | ---- | M] () -- C:\Users\Goat\AppData\Local\census.cache [2012/07/01 00:36:34 | 000,116,348 | ---- | M] () -- C:\Users\Goat\AppData\Local\ars.cache [2012/07/01 00:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/06/30 21:27:54 | 000,000,808 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/06/30 16:21:13 | 1771,309,135 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/06/30 15:58:19 | 088,285,672 | ---- | M] () -- C:\Users\Goat\Desktop\a22c2r2w.exe [2012/06/30 15:45:48 | 001,012,656 | ---- | M] () -- C:\Users\Goat\Desktop\rkill.exe [2012/06/30 14:55:00 | 000,849,902 | ---- | M] () -- C:\Users\Goat\Desktop\Sooooo Newer stuff.m3u [2012/06/30 00:52:38 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/06/29 02:16:56 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012/06/26 17:29:08 | 000,234,000 | ---- | M] () -- C:\Windows\RegBootClean64.exe [2012/06/13 07:29:59 | 000,277,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - 
No Company Name ========== [2012/07/01 12:25:56 | 000,029,220 | ---- | C] () -- C:\Windows\SysWow64\jcsball.dat [2012/07/01 12:25:56 | 000,008,284 | ---- | C] () -- C:\Windows\SysWow64\jcsb.new [2012/07/01 12:25:56 | 000,005,365 | ---- | C] () -- C:\Windows\SysWow64\jerror.dat [2012/07/01 02:50:26 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/07/01 02:44:34 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync [2012/07/01 02:25:55 | 000,005,256 | ---- | C] () -- C:\Users\Goat\Desktop\wscsvc.reg [2012/07/01 02:21:38 | 000,003,364 | ---- | C] () -- C:\Users\Goat\Desktop\firewall.reg [2012/07/01 02:20:38 | 000,001,495 | ---- | C] () -- C:\Users\Goat\Desktop\bfe.reg [2012/06/30 21:31:49 | 000,001,696 | ---- | C] () -- C:\Users\Goat\AppData\Local\{4accc2e2-2579-6676-a460-8a10e4736a7d}\U\00000001.@ [2012/06/30 19:26:01 | 000,001,696 | ---- | C] () -- C:\Windows\Installer\{4accc2e2-2579-6676-a460-8a10e4736a7d}\U\00000001.@ [2012/06/30 16:21:13 | 1771,309,135 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012/06/30 15:53:15 | 088,285,672 | ---- | C] () -- C:\Users\Goat\Desktop\a22c2r2w.exe [2012/06/30 15:45:48 | 001,012,656 | ---- | C] () -- C:\Users\Goat\Desktop\rkill.exe [2012/06/26 20:27:31 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2012/06/26 20:27:20 | 000,743,364 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/06/26 17:29:08 | 000,234,000 | ---- | C] () -- C:\Windows\RegBootClean64.exe [2012/06/26 14:07:59 | 1071,816,702 | -HS- | C] () -- C:\hiberfil.sys [2012/06/22 16:37:19 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012/05/27 23:24:06 | 001,859,584 | ---- | C] () -- C:\Windows\SysWow64\Mcx2Svc.dll [2012/04/05 18:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/04/05 18:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- 
C:\Windows\SysWow64\kdbsdk32.dll [2012/01/11 11:34:29 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{4accc2e2-2579-6676-a460-8a10e4736a7d}\@ [2012/01/11 11:34:29 | 000,002,048 | -HS- | C] () -- C:\Users\Goat\AppData\Local\{4accc2e2-2579-6676-a460-8a10e4736a7d}\@ [2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011/09/29 21:30:13 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/09/29 21:30:12 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/06/17 18:25:36 | 007,765,074 | ---- | C] () -- C:\Users\Goat\AppData\Local\census.cache [2011/06/17 18:25:29 | 000,116,348 | ---- | C] () -- C:\Users\Goat\AppData\Local\ars.cache [2011/01/11 17:39:06 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2010/10/16 11:51:22 | 000,000,241 | ---- | C] () -- C:\Windows\QSync.INI [2010/10/16 11:50:57 | 000,000,792 | ---- | C] () -- C:\Windows\_delis32.ini [2010/07/01 23:37:10 | 000,000,036 | ---- | C] () -- C:\Users\Goat\AppData\Local\housecall.guid.cache [2010/05/22 11:51:57 | 000,000,918 | ---- | C] () -- C:\Users\Goat\AppData\Roaming\coreavc.ini [2010/05/21 23:53:50 | 000,005,120 | ---- | C] () -- C:\Users\Goat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/21 21:05:46 | 000,007,624 | ---- | C] () -- C:\Users\Goat\AppData\Local\Resmon.ResmonCfg ========== LOP Check ========== [2012/02/29 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\.minecraft [2010/05/21 22:51:33 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Aim [2010/11/23 21:28:06 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\DAEMON Tools Lite [2012/04/30 14:41:37 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\dclogs [2010/08/21 23:23:45 | 000,000,000 | 
---D | M] -- C:\Users\Goat\AppData\Roaming\GonVisor [2010/07/23 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\HD Tune Pro [2011/05/28 20:24:37 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\LolClient [2012/05/23 12:10:41 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\LolClient2 [2011/08/04 20:02:02 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\NCH Swift Sound [2010/11/07 17:44:37 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Octoshape [2011/10/24 23:49:07 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Origin [2012/04/26 20:21:09 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Publish Providers [2010/10/25 18:51:29 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\RayV [2010/06/12 08:22:04 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\runic games [2012/04/26 20:45:28 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Sony [2012/04/02 02:13:29 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Stellarium [2010/05/21 22:03:48 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\SuperAdBlocker.com [2012/04/30 14:44:38 | 000,000,000 | -HSD | M] -- C:\Users\Goat\AppData\Roaming\System Services [2012/06/24 18:57:39 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\uTorrent [2012/04/26 19:23:44 | 000,000,000 | ---D | M] -- C:\Users\Goat\AppData\Roaming\Xilisoft [2011/01/22 14:55:52 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 88 bytes -> C:\Users\Goat\Desktop\NO A NEW ONE.m3u:SummaryInformation @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:8CE646EE @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1AAB2E68 < End of report > OTL Extras logfile created on: 7/1/2012 12:33:52 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Goat\Desktop 64bit- Home Premium Edition Service Pack 
1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 12.00 Gb Total Physical Memory | 10.58 Gb Available Physical Memory | 88.21% Memory free 35.99 Gb Paging File | 34.60 Gb Available in Paging File | 96.13% Paging File free Paging file location(s): c:\pagefile.sys 0 0l:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 179.45 Gb Total Space | 67.03 Gb Free Space | 37.35% Space Free | Partition Type: NTFS Drive D: | 14.53 Gb Total Space | 14.19 Gb Free Space | 97.66% Space Free | Partition Type: NTFS Drive E: | 3.00 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive F: | 558.89 Gb Total Space | 331.74 Gb Free Space | 59.36% Space Free | Partition Type: NTFS Drive I: | 74.51 Gb Total Space | 0.41 Gb Free Space | 0.54% Space Free | Partition Type: FAT32 Drive K: | 1863.01 Gb Total Space | 96.93 Gb Free Space | 5.20% Space Free | Partition Type: NTFS Drive L: | 279.45 Gb Total Space | 7.59 Gb Free Space | 2.72% Space Free | Partition Type: NTFS Drive N: | 100.01 Gb Total Space | 18.45 Gb Free Space | 18.45% Space Free | Partition Type: NTFS Computer Name: BYZANTIUM | User Name: Goat | Logged in as Administrator. 
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) 
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A54DE51-CD51-BF86-81EB-ED2D663FFBD1}" = ATI AVIVO64 Codecs "{0CC4F67D-D41D-8C1A-C605-39154DDEAC63}" = AMD Fuel "{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding "{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64 "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{94BC2440-7087-47E7-885D-EB8E5F22C201}" = Diskeeper 2010 Home "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F97742F0-03A7-11E1-868F-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit) "{FAE188FD-A941-49E9-A5E9-F6D88517EC40}" = Smart Recovery B09.1218.1 (x64) "{FE51C8DE-03A7-11E1-88F8-F04DA23A5C58}" = MSVCRT Redists "CrystalDiskMark_is1" = CrystalDiskMark 3.0.0e "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1 "{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3 "{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese "{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator 
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java 7 Update 5 "{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish "{30F8B542-330F-4B99-9813-7A6C5283D212}_is1" = iCare Data Recovery Software3.7.1 "{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0409.1 "{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}" = Battlefield 3™ Open Beta "{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese "{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional "{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German "{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}" = AMD OverDrive "{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek "{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari "{6BF3C41E-F498-430A-A41E-EEDB5FA2A8B9}_is1" = Partition Wizard Professional Edition 5.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0 "{72A7495B-18CD-4751-AC38-5DBED9C6B1E7}" = YouTube Downloader Toolbar v4.6 
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common "{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English "{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish "{9F64A0D3-B0D2-4EE1-9A9D-452BD4459D09}" = Razer Naga "{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A94B49C7-7642-4A61-9BC6-DE823C61D17B}_is1" = DiskGetor Data Recovery V2.52 "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1 "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS "{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish "{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French "{BEADA775-150E-F969-7ECC-23F9FDF9614D}" = MOTWizard "{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis True Image WD Edition "{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean "{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian "{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor "{D544AE4C-4152-225B-A897-6756C8986B14}" = AMD VISION Engine Control Center "{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX 
v8.10.29 "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian "{DEAD48E5-E36C-431E-B83C-E61CE71AA13F}" = Livestream Procaster "{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com "{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Afterburner" = MSI Afterburner 1.6.1 "AOL Instant Messenger" = AOL Instant Messenger "Battlelog Web Plugins" = Battlelog Web Plugins "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09 "CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only) "Diablo II" = Diablo II "ESN Sonar-0.70.0" = ESN Sonar "ESN Sonar-0.70.3" = ESN Sonar "Fraps" = Fraps (remove only) "G.O.M" = G.O.M "GonVisor_is1" = GonVisor 1.74 "Google Chrome" = Google Chrome "HaaliMkx" = Haali Media Splitter "InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "InstallShield_{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "InstallShield_{FAE188FD-A941-49E9-A5E9-F6D88517EC40}" = Smart Recovery B09.1218.1 (x64) "LOLReplay" = LOLReplay "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "QCDrivers" = QuickCam Drivers "R-Studio 5.064NSIS" = R-Studio 64 5.0 "StarCraft II" 
= StarCraft II "StarCraft II Beta" = StarCraft II Beta "Steam App 10" = Counter-Strike "Steam App 12900" = Audiosurf "Steam App 215" = Source SDK Base 2006 "Steam App 300" = Day of Defeat: Source "Steam App 35140" = Batman: Arkham Asylum GOTY Edition "Steam App 3900" = Sid Meier's Civilization IV "Steam App 42120" = Lead and Gold - Gangs of the Wild West "Steam App 43110" = Metro 2033 "Steam App 440" = Team Fortress 2 "Steam App 550" = Left 4 Dead 2 "Steam App 570" = Dota 2 "Steam App 58510" = Cities XL 2011 "Steam App 620" = Portal 2 "Steam App 630" = Alien Swarm "Steam App 8980" = Borderlands "Steam App 91310" = Dead Island "Stellarium_is1" = Stellarium 0.11.2 "Undelete Plus_is1" = Undelete Plus 2.9 "ViewpointMediaPlayer" = Viewpoint Media Player "webmmf" = WebM Media Foundation Components "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "World of Warcraft" = World of Warcraft "Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1371545983-2961928761-602670508-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Detector Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 3/19/2012 5:00:04 AM | Computer Name = Byzantium | Source = VSS | ID = 8194 Description = Error - 3/21/2012 4:19:13 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\SetACL64.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. 
Error - 3/21/2012 4:19:20 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error - 3/21/2012 8:12:27 PM | Computer Name = Byzantium | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 3c0e4 Start Time: 01cd07c04a1db395 Termination Time: 53 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: Error - 3/22/2012 5:46:04 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\SetACL64.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 3/22/2012 5:46:12 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. 
Error - 3/22/2012 7:59:41 PM | Computer Name = Byzantium | Source = VSS | ID = 8194 Description = Error - 3/23/2012 7:48:02 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\SetACL64.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 3/23/2012 7:48:08 AM | Computer Name = Byzantium | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error - 3/26/2012 5:00:00 AM | Computer Name = Byzantium | Source = VSS | ID = 8194 Description = [ System Events ] Error - 7/1/2012 3:32:10 PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 7/1/2012 3:32:11 PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7001 Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error - 7/1/2012 3:32:16 PM | Computer Name = Byzantium | Source = DCOM | ID = 10005 Description = Error - 7/1/2012 3:32:24 PM | Computer Name = Byzantium | Source = DCOM | ID = 10005 Description = Error - 7/1/2012 3:32:25 PM | Computer Name = Byzantium | Source = DCOM | ID = 10005 Description = Error - 7/1/2012 3:32:26 PM | Computer Name = Byzantium | Source = DCOM | ID = 10005 Description = Error - 7/1/2012 3:32:28 
PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7001 Description = The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: %%1068 Error - 7/1/2012 3:32:36 PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7031 Description = The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. Error - 7/1/2012 3:32:55 PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7031 Description = The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. Error - 7/1/2012 3:33:15 PM | Computer Name = Byzantium | Source = Service Control Manager | ID = 7034 Description = The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s). < End of report >
  2. I am currently caught again in the Windows Has A critical Problem and restarts in 1 minute loop, so the scan can't finish before it shuts down on me. Very annoying.
  3. I've been trying to use MalwareBytes, TDSSKiller, Rkill, Trend Micro, and Windows Defender Offline. Defender Offline actually gets everything except Sirefef.Y, which it can't remove, then when I restart, everything is back. I had everything off for a couple days and then it all reappeared. Not only did it reappear, it disabled Microsoft Essentials completely and suddenly, which was the only thing blocking the repropagating Sirefef.B. So hopefully someone can help out?