1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Java won't install - possibly virus?

Discussion in 'Virus & Other Malware Removal' started by MickeyXD, Feb 14, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    Hi again :)
    I have a big problem, i use java a lot,
    since i'm learning java programming and play a lot of java games.
    Here's the issue:
    A while ago i tried installing the newest java jre update,
    but the installer wouldn't start (it downloaded the installer, i hit install, and nothing), i also tried the full installer, but that wouldn't start at all. (windows says it didn't install correctly... go figure)
    I then tried removing all older java versions, etc. with these programs:
    JavaRa
    Windows Installer Cleanup Utility
    -
    It worked, no errors whatsoever, but when i then ask JavaRa to check the installed java version,
    it says i have "Java JRE version: 6.0.170.4" which is weird, since i'm pretty sure i uninstalled it (?)
    Web-based java games and .jar files don't run, however Minecraft (a java based game with it's own launcher) works perfectly fine! Again, you'd expect it not to...
    If i go into add/remove programs, there is nothing containing "java", "jre", or "sun".
    -
    I have tried several java installers, every single one failed:
    "chromeinstall-6u23.exe"
    "jre-6u23-windows-i586-iftw.exe"
    "jre-6u23-windows-i586-s.exe"
    Again, none worked, and still don't.
    They just close without any error message, sometimes windows pops up saying "'This program may not have installed correctly"
    -
    I believe this may be virus-related but i am unsure and i have tried a lot of different virus scanners*, no viruses are detected.
    *like MBAM, Avast! free edition, AVG Free, HJT, etc.
    -
    Here is my JavaRa log:
    I have been struggling with this problem for months now, and i believe java is really screwed up on my pc...
    [(Insert epic drama here) I just want to install java, is that too much to ask?! :(]
    I really hope someone can help me with this problem, cause as you can see, it's a pain in the youknowwhat D:
    Thank you!
    -MickeyXD
     
  2. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    sorry for bumping and sorry if i'm being impatient but i really need help with this :-/
     
  3. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
  4. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    Anything? I'm desperate... :(

    EDIT: i tried searching for 'java' in C:\Windows, there were 4 results; java.exe, javaw.exe, javaws.exe, and the folder 'Sun' (which was empty, its subfolders were too)
    I moved those to a backup folder and tried running minecraft again, and, guess what? it's still working.
    I moved them back now, and java still wont install...
    AARGH! THE ANNOYANCE! D:
     
  5. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,155
    Hiya MickeyXD,

    Please proceed as follows :-

    Step 1

    Download [​IMG] TFC to your desktop, from either of the following links
    Link 1
    Link 2
    • Make sure any open work is saved. TFC will close all open application windows.
    • Double-click TFC.exe to run the program.
    • If prompted, click "Yes" to reboot.
    TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

    Step 2

    Download [​IMG] from any of the following links and save to your Desktop:

    Link 1
    Link 2
    Link 3

    • Double click on the icon to run it. Vista and Windows 7 users right click and select Run as Administrator. Make sure all other windows are closed and to let it run uninterrupted.
    • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
    • Under the Custom Scan box paste this in
      Code:
            netsvcs
            drivers32
            %SYSTEMDRIVE%\*.*
            %systemroot%\*. /mp /s
            CREATERESTOREPOINT
            %systemroot%\System32\config\*.sav
            HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
      
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your reply

    Copy and paste OTL Txt and ExtrasTxt in your reply.

    Kevin
     
  6. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    TFC.exe caused a BSOD :(
    lol its the first one i've ever had in my 2 years of using this pc ;D

    This is the bsod error report:

    Problem signature:
    Problem Event Name: BlueScreen
    OS Version: 6.1.7600.2.0.0.768.3
    Locale ID: 1043

    Additional information about the problem:
    BCCode: f4
    BCP1: 00000006
    BCP2: 88BF4030
    BCP3: 88B9FEAC
    BCP4: 836390B0
    OS Version: 6_1_7600
    Service Pack: 0_0
    Product: 768_1

    Files that help describe the problem:
    C:\Windows\Minidump\030211-48048-01.dmp
    C:\Users\MickeyXD\AppData\Local\Temp\WER-106408-0.sysdata.xml

    Read our privacy statement online:
    http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

    If the online privacy statement is not available, please read our privacy statement offline:
    C:\Windows\system32\en-US\erofflps.txt

    -----

    I'll try again and see if it works now (probably not)

    EDIT: My bad, it works now, i still had chrome open with your instructions... oops :p

    Here's the log (don't think you need it but oh well):

    Getting user folders.

    Stopping running processes.

    Emptying Temp folders.


    User: All Users

    User: Classic .NET AppPool
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41620 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56502 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: User1
    ->Temp folder emptied: 849692052 bytes
    ->Temporary Internet Files folder emptied: 32790590 bytes
    ->Java cache emptied: 179321 bytes
    ->FireFox cache emptied: 46918948 bytes
    ->Google Chrome cache emptied: 6174276 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 127960 bytes

    User: User2
    ->Temp folder emptied: 3472128 bytes
    ->Temporary Internet Files folder emptied: 3138320 bytes
    ->Java cache emptied: 48285516 bytes
    ->FireFox cache emptied: 83246410 bytes
    ->Flash cache emptied: 6154 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 4 bytes
    %systemroot% .tmp files removed: 1114112 bytes
    %systemroot%\System32 .tmp files removed: 18432 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 3213727 bytes

    Emptying RecycleBin. Do not interrupt.

    RecycleBin emptied: 189364314 bytes
    Process complete!

    Total Files Cleaned = 1.209,00 mb
    ---
    Oh, and my scroll wheel doesn't seem to work in chrome right now...
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,155
    That is very strange, it only removes temp files etc, Leave TFC and just run OTL,
     
  8. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    Extras.txt:


    OTL Extras logfile created on: 2-3-2011 22:21:03 - Run 1
    OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\MickeyXD\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000413 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0l:\pagefile.sys 6144 12288 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 235,08 Gb Total Space | 25,37 Gb Free Space | 10,79% Space Free | Partition Type: NTFS
    Drive L: | 931,16 Gb Total Space | 532,48 Gb Free Space | 57,19% Space Free | Partition Type: NTFS
    Drive S: | 50,00 Gb Total Space | 41,67 Gb Free Space | 83,33% Space Free | Partition Type: NTFS

    Computer Name: SNUFFIE | User Name: MickeyXD | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [git_gui] -- "C:\Program Files\Git\bin\wish.exe" "C:\Program Files\Git\libexec\git-core\git-gui" "--working-dir" "%1" (ActiveState Corporation)
    Directory [git_shell] -- wscript "C:\Program Files\Git\Git Bash.vbs" "%1"
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Subagames\ACE Online\Launcher.atm" = C:\Program Files\Subagames\ACE Online\Launcher.atm:Enabled:GameExe2
    "C:\Program Files\Subagames\ACE Online\Res-Voip\SCVoIP.exe" = C:\Program Files\Subagames\ACE Online\Res-Voip\SCVoIP.exe:Enabled:GameVoIP


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
    "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1
    "{3B9D1BC9-B8FE-4CD8-945F-A72897E904B6}" = Soluto
    "{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{7476636B-7B1A-0606-B8A9-B9B70C810CDD}" = Kubik
    "{837B34E3-7C30-493C-8F6A-2B0F04E2912C}" = Microsoft Visual C++ 2005 Redistributable
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A892C5E6-B04D-4CAB-95DA-A52038B97B01}" = Terragen 2 Deep Edition
    "{ACECA503-1053-42D6-BAE4-13691CB5D7D3}_is1" = Fast Folder Eraser 1.2
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
    "{CC9F26F6-EBBF-42D4-BFD8-344F02990304}" = Red Giant Holomatrix 32 bit
    "{D1345EF1-9655-47C0-BB35-6DC2BD0A2826}" = Trapcode Particular 32 bit
    "{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Akamai" = Akamai NetSession Interface
    "AMP Font Viewer" = AMP Font Viewer
    "AutoHotkey" = AutoHotkey 1.0.92.02
    "avast5" = avast! Free Antivirus
    "Badge Editor" = Badge Editor
    "Fontographer 5 Demo_is1" = FontLab Fontographer 5 Demo
    "gamesport" = Kubik
    "InstallShield_{CC9F26F6-EBBF-42D4-BFD8-344F02990304}" = Red Giant Holomatrix 32 bit
    "InstallShield_{D1345EF1-9655-47C0-BB35-6DC2BD0A2826}" = Trapcode Particular 32 bit
    "Magic Bullet Looks" = Magic Bullet Looks
    "Magicka_is1" = Magicka
    "NaturalMotion endorphin_is1" = NaturalMotion endorphin 2.7.1
    "numpy-py2.7" = Python 2.7 numpy-1.5.1
    "Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.8
    "PunkBusterSvc" = PunkBuster Services
    "Red Giant Text Anarchy" = Red Giant Text Anarchy
    "Red Giant ToonIt" = Red Giant ToonIt
    "SpeedFan" = SpeedFan (remove only)
    "Trapcode Form" = Trapcode Form
    "Trapcode Lux" = Trapcode Lux
    "Trapcode SoundKeys" = Trapcode SoundKeys
    "Winamp" = Winamp

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "BitTorrent DNA" = DNA
    "Dropbox" = Dropbox
    "Google Chrome" = Google Chrome
    "IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 1-7-2010 15:04:28 | Computer Name = Snuffie | Source = Application Hang | ID = 1002
    Description = The program Explorer.EXE version 6.1.7600.16450 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 1170 Start
    Time: 01cb194f88874b89 Termination Time: 60000 Application Path: C:\Windows\Explorer.EXE

    Report
    Id: 45c4dc08-8543-11df-a23d-005056c00008

    Error - 1-7-2010 15:25:44 | Computer Name = Snuffie | Source = WinMgmt | ID = 10
    Description =

    Error - 1-7-2010 15:26:03 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Faulting module name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Exception code: 0xc0000005 Fault offset: 0x0000c0c6 Faulting process
    id: 0xa9c Faulting application start time: 0x01cb195314eb619c Faulting application
    path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Faulting
    module path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Report
    Id: 7c469c4d-8546-11df-b401-005056c00008

    Error - 1-7-2010 15:53:53 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16450,
    time stamp: 0x4aeba271 Faulting module name: TosBtShell.dll_unloaded, version: 0.0.0.0,
    time stamp: 0x4255ebc9 Exception code: 0xc0000005 Fault offset: 0x04905ee5 Faulting
    process id: 0xbb4 Faulting application start time: 0x01cb195308e54ec4 Faulting application
    path: C:\Windows\Explorer.EXE Faulting module path: TosBtShell.dll Report Id: 5fc1f7eb-854a-11df-b401-005056c00008

    Error - 1-7-2010 16:06:14 | Computer Name = Snuffie | Source = WinMgmt | ID = 10
    Description =

    Error - 1-7-2010 16:06:20 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Faulting module name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Exception code: 0xc0000005 Fault offset: 0x0000c0c6 Faulting process
    id: 0x124c Faulting application start time: 0x01cb1958c067bba7 Faulting application
    path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Faulting
    module path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Report
    Id: 1ccdda31-854c-11df-944a-005056c00008

    Error - 1-7-2010 17:21:24 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16450,
    time stamp: 0x4aeba271 Faulting module name: TosBtShell.dll_unloaded, version: 0.0.0.0,
    time stamp: 0x4255ebc9 Exception code: 0xc0000005 Fault offset: 0x04a35ee5 Faulting
    process id: 0xed4 Faulting application start time: 0x01cb1958b9432af1 Faulting application
    path: C:\Windows\Explorer.EXE Faulting module path: TosBtShell.dll Report Id: 999db501-8556-11df-944a-005056c00008

    Error - 2-7-2010 4:16:10 | Computer Name = Snuffie | Source = WinMgmt | ID = 10
    Description =

    Error - 2-7-2010 4:16:14 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Faulting module name: ePowerTray.exe, version: 4.1.3013.0, time
    stamp: 0x49e597c8 Exception code: 0xc0000005 Fault offset: 0x0000c0c6 Faulting process
    id: 0x12ac Faulting application start time: 0x01cb19beb9b7a25f Faulting application
    path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Faulting
    module path: C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
    Report
    Id: 144cdf02-85b2-11df-a30c-005056c00008

    Error - 2-7-2010 6:13:15 | Computer Name = Snuffie | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16450,
    time stamp: 0x4aeba271 Faulting module name: TosBtShell.dll_unloaded, version: 0.0.0.0,
    time stamp: 0x4255ebc9 Exception code: 0xc0000005 Fault offset: 0x059c5ee5 Faulting
    process id: 0xe8c Faulting application start time: 0x01cb19beaee3de89 Faulting application
    path: C:\Windows\Explorer.EXE Faulting module path: TosBtShell.dll Report Id: 6d3f8e80-85c2-11df-a30c-005056c00008

    [ Media Center Events ]
    Error - 1-7-2010 7:47:27 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 1:47:26 PM - Error connecting to the internet. 1:47:26 PM - Unable
    to contact server..

    Error - 4-7-2010 5:27:20 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 11:27:20 AM - Error connecting to the internet. 11:27:20 AM - Unable
    to contact server..

    Error - 4-7-2010 5:27:34 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 11:27:25 AM - Error connecting to the internet. 11:27:25 AM - Unable
    to contact server..

    Error - 4-7-2010 6:27:47 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 12:27:47 PM - Error connecting to the internet. 12:27:47 PM - Unable
    to contact server..

    Error - 4-7-2010 6:27:57 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 12:27:52 PM - Error connecting to the internet. 12:27:52 PM - Unable
    to contact server..

    Error - 4-7-2010 7:28:08 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 1:28:08 PM - Error connecting to the internet. 1:28:08 PM - Unable
    to contact server..

    Error - 4-7-2010 7:28:13 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 1:28:13 PM - Error connecting to the internet. 1:28:13 PM - Unable
    to contact server..

    Error - 4-7-2010 8:28:24 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 2:28:24 PM - Error connecting to the internet. 2:28:24 PM - Unable
    to contact server..

    Error - 4-7-2010 8:28:30 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 2:28:29 PM - Error connecting to the internet. 2:28:29 PM - Unable
    to contact server..

    Error - 23-7-2010 3:18:14 | Computer Name = Snuffie | Source = MCUpdate | ID = 0
    Description = 9:18:08 AM - Failed to retrieve SportsV2 (Error: The underlying connection
    was closed: Could not establish trust relationship for the SSL/TLS secure channel.)


    [ System Events ]
    Error - 2-3-2011 17:07:09 | Computer Name = Snuffie | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 10:05:44 PM on ?3/?2/?2011 was unexpected.

    Error - 2-3-2011 17:07:14 | Computer Name = SNUFFIE | Source = BugCheck | ID = 1001
    Description =

    Error - 2-3-2011 17:07:24 | Computer Name = Snuffie | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
    service to connect.

    Error - 2-3-2011 17:07:24 | Computer Name = Snuffie | Source = Service Control Manager | ID = 7000
    Description = The HsfXAudioService service failed to start due to the following
    error: %%1053

    Error - 2-3-2011 17:07:25 | Computer Name = Snuffie | Source = Microsoft-Windows-Kernel-General | ID = 5
    Description =

    Error - 2-3-2011 17:08:15 | Computer Name = Snuffie | Source = WMPNetworkSvc | ID = 866321
    Description =

    Error - 2-3-2011 17:08:15 | Computer Name = Snuffie | Source = WMPNetworkSvc | ID = 866317
    Description =

    Error - 2-3-2011 17:08:15 | Computer Name = Snuffie | Source = WMPNetworkSvc | ID = 866321
    Description =

    Error - 2-3-2011 17:08:15 | Computer Name = Snuffie | Source = WMPNetworkSvc | ID = 866317
    Description =

    Error - 2-3-2011 17:11:42 | Computer Name = Snuffie | Source = Service Control Manager | ID = 7034
    Description = The AMD External Events Utility service terminated unexpectedly.
    It has done this 1 time(s).


    < End of report >
     
  9. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    OTL.txt:


    OTL logfile created on: 2-3-2011 22:21:03 - Run 1
    OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\MickeyXD\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000413 | Country: Netherlands | Language: NLD | Date Format: d-M-yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): c:\pagefile.sys 0 0l:\pagefile.sys 6144 12288 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 235,08 Gb Total Space | 25,37 Gb Free Space | 10,79% Space Free | Partition Type: NTFS
    Drive L: | 931,16 Gb Total Space | 532,48 Gb Free Space | 57,19% Space Free | Partition Type: NTFS
    Drive S: | 50,00 Gb Total Space | 41,67 Gb Free Space | 83,33% Space Free | Partition Type: NTFS

    Computer Name: SNUFFIE | User Name: MickeyXD | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011-03-02 22:16:21 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\MickeyXD\Downloads\OTL.exe
    PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010-12-06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
    PRC - [2010-08-04 02:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010-06-03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) -- C:\Program Files\GenArts\rlm\rlm.exe
    PRC - [2009-10-31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009-10-20 00:11:52 | 000,616,712 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    PRC - [2009-07-14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
    PRC - [2009-04-15 15:17:58 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
    PRC - [2009-04-15 15:17:56 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
    PRC - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
    PRC - [2009-03-10 08:53:02 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe


    ========== Modules (SafeList) ==========

    MOD - [2011-03-02 22:16:21 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\MickeyXD\Downloads\OTL.exe
    MOD - [2011-01-13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
    MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2009-04-15 15:18:26 | 000,215,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\SysHook.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)
    SRV - [2011-02-09 12:46:26 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2011-01-26 07:03:40 | 000,308,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc)
    SRV - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011-01-05 09:58:49 | 003,129,432 | ---- | M] () [On_Demand | Stopped] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
    SRV - [2010-12-06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2010-11-01 20:59:46 | 000,331,296 | ---- | M] (Soluto) [Auto | Stopped] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
    SRV - [2010-08-24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [On_Demand | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2010-08-04 02:51:10 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2010-07-25 16:14:28 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Stopped] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
    SRV - [2010-07-22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) [On_Demand | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0)
    SRV - [2010-06-13 10:38:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010-06-03 10:13:04 | 001,540,096 | ---- | M] (Reprise Software Inc.) [Auto | Running] -- C:\Program Files\GenArts\rlm\rlm.exe -- (RLM-GenArts)
    SRV - [2010-06-02 22:16:18 | 001,052,676 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\BroadCam\broadcam.exe -- (BroadCamService)
    SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010-02-11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
    SRV - [2010-01-22 21:13:24 | 000,395,824 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
    SRV - [2010-01-22 21:13:02 | 000,334,384 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
    SRV - [2010-01-22 21:12:46 | 000,113,200 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
    SRV - [2010-01-22 20:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
    SRV - [2009-12-15 21:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
    SRV - [2009-10-25 17:10:46 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009-10-12 13:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
    SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009-07-14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2009-07-14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2009-07-14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2009-07-14 02:14:48 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSVC)
    SRV - [2009-07-14 02:14:21 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV - [2009-05-27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$BWDATOOLSET) SQL Server (BWDATOOLSET)
    SRV - [2009-04-30 10:23:26 | 000,090,112 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
    SRV - [2009-04-15 15:17:58 | 000,703,008 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
    SRV - [2009-03-12 16:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
    SRV - [2009-03-10 08:53:02 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2008-11-03 12:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
    SRV - [2008-06-09 23:06:30 | 000,036,864 | ---- | M] (How2 Studios) [On_Demand | Stopped] -- C:\Program Files\ISP Monitor\ISPMonitorSrv.exe -- (ISPMonitorSrv)
    SRV - [2007-09-11 08:45:04 | 000,124,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


    ========== Driver Services (SafeList) ==========

    DRV - [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011-01-13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2010-11-01 20:50:32 | 000,181,704 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\Windows\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
    DRV - [2010-08-04 03:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2010-08-04 03:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
    DRV - [2010-08-04 02:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010-07-02 09:56:43 | 000,009,216 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\SE_Filter.sys -- (se_filter)
    DRV - [2010-06-03 15:09:58 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
    DRV - [2010-06-03 15:09:58 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
    DRV - [2010-02-11 17:33:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2010-01-22 21:14:16 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
    DRV - [2010-01-22 21:14:14 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
    DRV - [2010-01-22 21:14:12 | 000,854,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
    DRV - [2010-01-22 21:14:12 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
    DRV - [2010-01-22 20:00:42 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
    DRV - [2010-01-22 16:13:00 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
    DRV - [2010-01-22 16:13:00 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
    DRV - [2010-01-22 16:13:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
    DRV - [2009-12-01 15:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
    DRV - [2009-10-12 13:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
    DRV - [2009-10-05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009-09-23 09:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
    DRV - [2009-07-27 03:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
    DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009-07-13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
    DRV - [2009-06-24 17:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2008-11-03 12:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
    DRV - [2008-06-01 08:13:10 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
    DRV - [2008-05-16 10:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
    DRV - [2008-05-16 10:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
    DRV - [2008-05-16 10:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
    DRV - [2008-05-16 10:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
    DRV - [2008-05-16 10:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
    DRV - [2008-05-16 10:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
    DRV - [2008-05-16 10:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
    DRV - [2008-02-04 14:52:20 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
    DRV - [2007-06-29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
    DRV - [2007-04-03 12:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
    DRV - [2007-04-03 12:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex)
    DRV - [2007-04-03 12:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
    DRV - [2007-04-03 12:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
    DRV - [2007-04-03 12:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm)
    DRV - [2007-04-03 12:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl)
    DRV - [2007-04-03 12:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
    DRV - [2007-01-26 00:45:02 | 000,006,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\whfltr2k.sys -- (whfltr2k)
    DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
    DRV - [2005-03-30 11:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosporte.sys -- (tosporte)
    DRV - [2004-10-04 09:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
    DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&s=2&o=vp32&d=1009&m=easynote_lj65
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&s=2&o=vp32&d=1009&m=easynote_lj65
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
    FF - prefs.js..extensions.enabledItems: [email protected]:5.0.31.0
    FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
    FF - prefs.js..extensions.enabledItems: {03651b2d-eb7d-4be7-af1b-dc0cd162dd54}:0.8.1
    FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.3
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
    FF - prefs.js..extensions.enabledItems: [email protected]:0.6.8
    FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {618D522B-652C-4e19-9194-048700B12ED6}:1.4
    FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2

    FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-08-14 20:35:57 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-09 12:22:33 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-20 11:41:07 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-01-09 12:22:33 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-20 11:41:07 | 000,000,000 | ---D | M]

    [2010-12-02 13:22:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Extensions
    [2010-12-02 13:22:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Extensions\[email protected]
    [2010-09-04 10:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Extensions\[email protected]
    [2011-01-27 17:58:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions
    [2010-02-20 19:48:25 | 000,000,000 | ---D | M] (ErrorZilla Plus) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{03651b2d-eb7d-4be7-af1b-dc0cd162dd54}
    [2010-11-13 15:21:48 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    [2010-05-08 15:39:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010-05-28 14:30:57 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
    [2010-11-18 22:19:40 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{618D522B-652C-4e19-9194-048700B12ED6}
    [2010-10-26 23:21:20 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
    [2010-04-14 05:45:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010-08-26 21:41:29 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
    [2010-11-30 21:13:06 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\[email protected]
    [2010-09-03 14:45:32 | 000,000,000 | ---D | M] (Save Images) -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\extensions\[email protected]
    [2010-05-26 15:22:41 | 000,001,686 | ---- | M] () -- C:\Users\MickeyXD\AppData\Roaming\Mozilla\Firefox\Profiles\6n8zk8f0.default\searchplugins\thepiratebayorg.xml
    [2011-02-11 16:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2010-06-14 14:15:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010-08-14 20:35:57 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
    [2011-03-02 11:04:27 | 000,000,000 | ---D | M] (No name found) -- C:\USERS\MICKEYXD\PROGRAM FILES\DNA
    [2010-03-27 17:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npContribute.dll
    [2009-07-03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
    [2009-08-17 07:42:14 | 000,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
    [2010-11-18 22:18:18 | 000,001,892 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bolcom-nl.xml
    [2010-11-18 22:18:18 | 000,004,558 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\marktplaats-nl.xml
    [2010-11-18 22:18:18 | 000,001,111 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vandale-nl.xml
    [2010-11-18 22:18:18 | 000,001,049 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-nl.xml
    [2010-11-18 22:18:18 | 000,000,802 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-nl.xml

    O1 HOSTS File: ([2010-11-12 13:59:00 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
    O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - Startup: C:\Users\MickeyXD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = S:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.104.196 213.46.228.196
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O24 - Desktop WallPaper:
    O24 - Desktop BackupWallPaper:
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
    Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
    Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
    Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)
    Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll ()
    Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
    Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)


    ========== Files/Folders - Created Within 30 Days ==========

    [2011-03-02 22:07:08 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011-03-02 21:24:08 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2011-03-02 21:23:57 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2011-03-02 21:23:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2011-03-02 21:23:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2011-03-02 21:21:16 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\Desktop\javabackup
    [2011-03-02 17:31:06 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\gamesport
    [2011-03-02 17:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Kubik
    [2011-03-02 14:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
    [2011-03-02 11:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
    [2011-03-02 11:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
    [2011-03-02 11:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
    [2011-03-02 11:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
    [2011-03-01 23:36:39 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
    [2011-03-01 23:36:38 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011-02-20 23:08:03 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\.idlerc
    [2011-02-19 13:27:17 | 000,000,000 | ---D | C] -- C:\Python27
    [2011-02-19 00:11:42 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badge Editor
    [2011-02-19 00:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\BadgeEd
    [2011-02-18 12:02:37 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\Fontographer
    [2011-02-18 12:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontLab
    [2011-02-18 12:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FontLab
    [2011-02-18 12:02:16 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\Documents\FontLab
    [2011-02-18 12:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\FontLab
    [2011-02-18 11:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\NoVirusThanks
    [2011-02-16 16:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Lux
    [2011-02-16 16:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant ToonIt
    [2011-02-16 16:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode SoundKeys
    [2011-02-16 16:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trapcode Form
    [2011-02-16 15:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
    [2011-02-16 15:00:20 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\Winamp
    [2011-02-16 15:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
    [2011-02-16 12:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant Text Anarchy
    [2011-02-14 13:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
    [2011-02-14 13:04:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
    [2011-02-14 12:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller
    [2011-02-14 12:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller
    [2011-02-11 16:08:47 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
    [2011-02-11 16:08:36 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2011-02-11 16:08:36 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011-02-11 16:08:36 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2011-02-11 16:08:36 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2011-02-11 16:08:35 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2011-02-11 16:08:35 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
    [2011-02-11 16:08:34 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2011-02-11 16:08:32 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2011-02-11 16:08:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011-02-11 16:08:25 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2011-02-11 16:08:25 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011-02-11 16:08:25 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011-02-11 16:08:25 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011-02-11 16:08:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011-02-11 16:08:24 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011-02-11 16:08:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011-02-11 16:08:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011-02-11 16:08:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
    [2011-02-11 16:08:21 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
    [2011-02-11 16:08:20 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2011-02-11 16:08:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
    [2011-02-11 16:08:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2011-02-11 16:08:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
    [2011-02-11 16:08:10 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2011-02-11 16:08:10 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2011-02-11 16:07:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011-02-11 16:07:59 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011-02-11 16:06:51 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
    [2011-02-11 16:06:51 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
    [2011-02-11 14:14:32 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\ABBYY
    [2011-02-11 14:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 10
    [2011-02-11 14:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY
    [2011-02-11 14:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 10
    [2011-02-11 14:08:43 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Local\ABBYY
    [2011-02-11 14:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
    [2011-02-11 11:41:15 | 000,000,000 | R--D | C] -- C:\Users\MickeyXD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
    [2011-02-09 19:58:54 | 000,181,704 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\PCGenFAM.sys
    [2011-02-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
    [2011-02-09 19:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
    [2011-02-09 19:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
    [2011-02-08 19:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced JPEG Compressor
    [2011-02-06 20:00:16 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\Planetside Software
    [2011-02-06 20:00:14 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\uk.co.planetside
    [2011-02-06 19:54:58 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Planetside Software
    [2011-02-06 19:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Planetside Software
    [2011-02-02 12:58:51 | 000,000,000 | ---D | C] -- C:\Users\MickeyXD\Desktop\AHK Magicka Spells
    [2011-02-02 12:43:00 | 000,426,327 | ---- | C] (www.1HourSoftware.com) -- C:\Users\MickeyXD\Desktop\WhatColor.exe
    [2011-02-02 12:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
    [2011-02-02 12:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHotkey

    ========== Files - Modified Within 30 Days ==========

    [2011-03-02 22:14:55 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011-03-02 22:14:55 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011-03-02 22:07:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011-03-02 22:06:40 | 2414,329,856 | -HS- | M] () -- C:\hiberfil.sys
    [2011-03-02 21:42:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011-03-02 21:07:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2592314454-541625156-1858762322-1000UA.job
    [2011-03-02 17:31:00 | 000,000,773 | ---- | M] () -- C:\Users\Public\Desktop\Kubik.lnk
    [2011-03-02 11:51:57 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
    [2011-03-01 16:58:15 | 006,891,262 | ---- | M] () -- C:\Users\MickeyXD\Desktop\mcp29a with modloader.rar
    [2011-02-28 18:21:14 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
    [2011-02-28 14:20:26 | 000,001,480 | ---- | M] () -- C:\Users\MickeyXD\Documents\mcedit.ini
    [2011-02-27 15:22:34 | 000,035,840 | ---- | M] () -- C:\Users\MickeyXD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-02-26 19:37:23 | 000,001,116 | ---- | M] () -- C:\Users\MickeyXD\Desktop\Plants VS Zombies.lnk
    [2011-02-26 19:15:53 | 000,573,903 | ---- | M] () -- C:\Users\MickeyXD\Desktop\Plants VS Zombies Trainer.exe
    [2011-02-26 02:19:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
    [2011-02-24 14:24:41 | 000,757,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011-02-24 14:24:41 | 000,159,620 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011-02-23 19:10:18 | 000,000,132 | ---- | M] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2011-02-22 22:59:58 | 000,139,080 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2011-02-22 22:59:24 | 000,270,240 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
    [2011-02-21 21:45:07 | 000,269,432 | ---- | M] () -- C:\Users\MickeyXD\Desktop\Minecraft.exe
    [2011-02-21 11:08:11 | 000,270,240 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
    [2011-02-21 00:35:40 | 000,138,056 | ---- | M] () -- C:\Users\MickeyXD\AppData\Roaming\PnkBstrK.sys
    [2011-02-19 19:57:16 | 000,002,915 | ---- | M] () -- C:\Users\MickeyXD\AppData\Roaming\SAS7_000.DAT
    [2011-02-19 12:50:56 | 003,788,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2011-02-18 11:37:10 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Fast Folder Eraser.lnk
    [2011-02-16 15:00:56 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
    [2011-02-14 12:43:18 | 000,000,042 | ---- | M] () -- C:\Windows\System32\AK083E209605E394C.lie
    [2011-02-14 12:43:15 | 000,000,926 | ---- | M] () -- C:\Users\MickeyXD\Application Data\Microsoft\Internet Explorer\Quick Launch\Perfect Uninstaller.lnk
    [2011-02-14 12:43:15 | 000,000,902 | ---- | M] () -- C:\Users\MickeyXD\Desktop\Perfect Uninstaller.lnk
    [2011-02-11 16:00:35 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011-02-10 15:05:07 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2592314454-541625156-1858762322-1000Core.job
    [2011-02-09 20:00:45 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2011-02-09 13:33:59 | 000,000,132 | ---- | M] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe Targa Format CS5 Prefs
    [2011-02-03 06:45:07 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
    [2011-02-02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2011-02-02 12:43:02 | 000,426,327 | ---- | M] (www.1HourSoftware.com) -- C:\Users\MickeyXD\Desktop\WhatColor.exe
    [2011-02-02 12:38:40 | 000,001,351 | ---- | M] () -- C:\Users\MickeyXD\Documents\AutoHotkey.ahk

    ========== Files Created - No Company Name ==========

    [2011-03-02 17:31:00 | 000,000,785 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubik.lnk
    [2011-03-02 17:31:00 | 000,000,773 | ---- | C] () -- C:\Users\Public\Desktop\Kubik.lnk
    [2011-03-02 11:51:57 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\3DMark Vantage.lnk
    [2011-03-01 16:58:10 | 006,891,262 | ---- | C] () -- C:\Users\MickeyXD\Desktop\mcp29a with modloader.rar
    [2011-02-26 19:37:23 | 000,001,116 | ---- | C] () -- C:\Users\MickeyXD\Desktop\Plants VS Zombies.lnk
    [2011-02-26 19:15:52 | 000,573,903 | ---- | C] () -- C:\Users\MickeyXD\Desktop\Plants VS Zombies Trainer.exe
    [2011-02-26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
    [2011-02-18 11:37:10 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Fast Folder Eraser.lnk
    [2011-02-16 15:00:56 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
    [2011-02-14 13:05:41 | 000,002,869 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
    [2011-02-14 12:43:18 | 000,000,042 | ---- | C] () -- C:\Windows\System32\AK083E209605E394C.lie
    [2011-02-14 12:43:15 | 000,000,926 | ---- | C] () -- C:\Users\MickeyXD\Application Data\Microsoft\Internet Explorer\Quick Launch\Perfect Uninstaller.lnk
    [2011-02-14 12:43:15 | 000,000,902 | ---- | C] () -- C:\Users\MickeyXD\Desktop\Perfect Uninstaller.lnk
    [2011-02-09 20:00:45 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2011-02-02 12:38:40 | 000,001,351 | ---- | C] () -- C:\Users\MickeyXD\Documents\AutoHotkey.ahk
    [2011-01-20 23:27:53 | 000,860,211 | --S- | C] () -- C:\Windows\System32\XSIFtk-3.6.2.1.dll
    [2011-01-07 14:36:59 | 000,000,098 | ---- | C] () -- C:\Windows\MSUTIL.INI
    [2010-11-27 12:10:22 | 000,000,259 | ---- | C] () -- C:\Windows\game.ini
    [2010-11-18 23:06:10 | 000,267,195 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\debuggee.mdmp
    [2010-11-12 12:59:08 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010-11-12 12:59:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010-11-12 12:59:08 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
    [2010-11-12 12:59:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010-11-12 12:59:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
    [2010-10-04 12:59:43 | 000,000,025 | ---- | C] () -- C:\Windows\popcinfot.dat
    [2010-09-29 15:02:42 | 000,000,565 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\myMPQ.ini
    [2010-09-25 14:42:44 | 000,000,024 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\ArbiAuth.ini
    [2010-09-22 23:40:52 | 000,706,048 | ---- | C] () -- C:\Windows\System32\BCC7_Common_AE.dll
    [2010-09-16 21:53:02 | 000,000,798 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\net.telestream.ustreamproducer.prefs.xml
    [2010-09-05 15:33:02 | 000,516,096 | ---- | C] () -- C:\Windows\System32\VTFLib.dll
    [2010-09-03 22:49:20 | 000,014,848 | ---- | C] () -- C:\Windows\System32\FEC6_Common_AE.dll
    [2010-08-21 19:46:10 | 000,000,287 | ---- | C] () -- C:\Windows\vtmb.ini
    [2010-08-14 16:37:30 | 000,019,408 | -H-- | C] () -- C:\Program Files\BackupManager.list
    [2010-07-02 09:56:43 | 000,009,216 | ---- | C] () -- C:\Windows\System32\drivers\SE_Filter.sys
    [2010-06-29 10:23:57 | 000,000,132 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe GIF Format CS5 Prefs
    [2010-06-22 23:26:56 | 000,000,083 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\X-Plane Installer.prf
    [2010-06-16 14:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2010-06-15 23:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    [2010-06-14 14:17:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010-06-04 10:39:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
    [2010-06-04 10:39:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
    [2010-06-04 10:39:01 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
    [2010-06-03 11:49:09 | 000,000,132 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe Targa Format CS5 Prefs
    [2010-05-26 19:00:45 | 000,001,456 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\Adobe Save for Web 12.0 Prefs
    [2010-05-17 15:51:23 | 000,000,132 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe PNG Format CS5 Prefs
    [2010-05-15 23:15:24 | 000,000,132 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\Adobe BMP Format CS5 Prefs
    [2010-04-08 17:31:49 | 000,121,398 | ---- | C] () -- C:\Windows\File Renamer - Basic Uninstaller.exe
    [2010-03-22 15:56:43 | 000,000,036 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\housecall.guid.cache
    [2010-02-28 16:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
    [2010-02-22 14:25:34 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
    [2010-02-22 14:25:34 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
    [2010-02-22 14:25:34 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
    [2010-02-22 14:25:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
    [2010-02-22 14:20:20 | 000,022,782 | ---- | C] () -- C:\Windows\System32\UninstXviDDec.exe
    [2010-02-16 18:45:50 | 000,000,096 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\fusioncache.dat
    [2010-02-07 19:43:03 | 000,035,840 | ---- | C] () -- C:\Users\MickeyXD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010-02-07 16:01:00 | 000,021,924 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
    [2010-02-07 14:22:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2010-02-04 20:29:28 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
    [2010-01-24 07:24:08 | 000,000,099 | ---- | C] () -- C:\Windows\WirelessFTP.INI
    [2010-01-22 08:14:56 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
    [2010-01-19 17:05:18 | 000,002,915 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\SAS7_000.DAT
    [2010-01-04 19:34:07 | 000,015,944 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
    [2010-01-02 15:36:55 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
    [2009-12-26 16:20:54 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
    [2009-12-26 16:20:13 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
    [2009-11-30 12:37:41 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2009-11-16 15:14:14 | 000,524,288 | ---- | C] () -- C:\Windows\System32\RegisterDialog.dll
    [2009-10-30 12:18:49 | 000,000,027 | ---- | C] () -- C:\Windows\ic.ini
    [2009-10-25 17:22:26 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
    [2009-10-20 08:15:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009-10-13 21:34:23 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
    [2009-10-10 15:50:20 | 000,000,031 | ---- | C] () -- C:\Windows\bluevoda.ini
    [2009-10-05 19:20:22 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2009-10-05 19:20:22 | 000,138,056 | ---- | C] () -- C:\Users\MickeyXD\AppData\Roaming\PnkBstrK.sys
    [2009-10-05 19:20:07 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
    [2009-10-05 19:20:02 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
    [2009-10-05 19:20:02 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
    [2009-10-05 07:49:23 | 000,173,292 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
    [2009-10-05 07:49:23 | 000,001,016 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
    [2009-10-05 07:49:23 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
    [2009-10-04 17:51:46 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
    [2009-07-14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009-07-14 05:33:53 | 003,788,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009-07-14 03:05:48 | 000,757,486 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2009-07-14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2009-07-14 03:05:48 | 000,159,620 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2009-07-14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2009-07-14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2009-07-14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2009-07-14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2009-04-29 10:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX FEC XML.ini
    [2009-04-29 10:14:02 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC XML.ini
    [2009-04-09 13:50:14 | 000,262,144 | ---- | C] () -- C:\Windows\System32\MSL_All-DLL80_x86.dll
    [2009-04-03 08:38:36 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2009-02-18 17:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
    [2009-02-03 20:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
    [2008-10-23 13:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX FEC6.ini
    [2008-10-23 13:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFX BCC7.ini
    [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptTO7.0.ini
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptSP7.0.ini
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptLD7.0.ini
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptJS7.0.ini
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptES7.0.ini
    [2008-09-16 10:49:00 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptEP7.0.ini
    [2008-09-16 10:48:52 | 000,000,000 | ---- | C] () -- C:\Windows\ScriptET7.0.ini
    [2008-09-05 15:46:54 | 000,000,000 | ---- | C] () -- C:\Windows\BorisFEC6.ini
    [2008-08-28 12:19:18 | 000,032,768 | ---- | C] () -- C:\Windows\System32\IsDRM.dll
    [2008-08-28 12:16:00 | 000,544,768 | ---- | C] () -- C:\Windows\System32\AudioConverter.dll
    [2008-06-01 08:13:10 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
    [2008-04-08 22:34:26 | 000,000,427 | ---- | C] () -- C:\Windows\System32\atipblup.dat
    [2008-02-08 17:13:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\LS3Renderer.dll
    [2007-01-26 00:45:02 | 000,006,784 | ---- | C] () -- C:\Windows\System32\drivers\whfltr2k.sys
    [2005-11-06 00:34:50 | 000,145,408 | ---- | C] () -- C:\Windows\System32\Lame.exe
    [2005-05-17 21:37:10 | 000,076,800 | ---- | C] () -- C:\Windows\System32\Faac.exe
    [2004-12-02 14:20:14 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
    [2004-09-22 09:09:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
    [2004-07-20 16:04:02 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
    [2004-01-15 13:43:28 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TBTMonUI.dll
    [2003-07-29 14:33:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\TosHidAPI.dll
    [2002-07-19 17:48:22 | 000,157,696 | ---- | C] () -- C:\Windows\System32\OggEnc.exe
    [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

    ========== LOP Check ==========

    [2011-03-02 21:23:31 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\.minecraft
    [2011-01-31 20:20:31 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\AMPSoft
    [2011-02-24 11:18:20 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Audacity
    [2010-08-13 18:42:18 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Autodesk
    [2010-08-22 21:42:02 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\AV Bros Puzzle Pro 3.0 DEMO
    [2010-08-03 13:06:31 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Bioshock2
    [2010-07-27 17:47:03 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\bizarre creations
    [2010-12-15 12:08:12 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Blender Foundation
    [2010-06-10 21:34:24 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Canneverbe Limited
    [2010-06-12 22:01:17 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010-02-07 15:32:20 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\DAEMON Tools Lite
    [2010-05-12 21:32:34 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\DAZ 3D
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\DisplayFusion
    [2011-03-02 22:05:33 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\DNA
    [2010-11-01 18:54:49 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Doctor Who
    [2010-01-28 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Dragon Age Toolset
    [2010-12-08 17:00:12 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Dropbox
    [2010-06-30 19:43:22 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\ezNZB
    [2011-02-18 12:03:33 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Fontographer
    [2010-05-12 20:44:45 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Free Sound Recorder
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\FreeAudioPack
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\fretsonfire
    [2011-03-02 17:31:06 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\gamesport
    [2010-09-06 09:59:38 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Golly
    [2010-04-14 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\GrabPro
    [2010-10-01 13:18:49 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Guitar Pro 6
    [2009-12-11 16:59:10 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\HeidiSQL
    [2010-11-10 19:42:48 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Hi-Rez Studios
    [2010-02-07 15:32:21 | 000,000,000 | -H-D | M] -- C:\Users\MickeyXD\AppData\Roaming\ijjigame
    [2010-10-23 11:32:19 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\ImgBurn
    [2010-09-04 12:00:11 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\IMVU
    [2010-09-04 10:24:31 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\IMVUClient
    [2010-03-06 01:46:34 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\ISP Monitor
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Lionhead Studios
    [2010-02-07 22:02:30 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\LockHunter
    [2010-12-13 15:34:09 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\LolClient
    [2010-02-07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\LuckaSoft
    [2009-12-08 20:41:32 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Luxand
    [2010-11-10 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\MilkShape 3D 1.x.x
    [2010-04-13 18:52:14 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Morpheus Software
    [2010-12-01 11:29:17 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Mumble
    [2010-02-07 15:32:45 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\My Battle for Middle-earth(tm) II Files
    [2010-03-04 07:20:57 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\NCH Swift Sound
    [2010-11-10 19:42:59 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Notepad++
    [2010-03-14 16:49:02 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\nswb
    [2010-02-07 15:32:46 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Nuance
    [2010-02-07 15:32:46 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Opera
    [2010-04-15 21:00:45 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Orbit
    [2010-07-23 16:39:37 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\PACE Anti-Piracy
    [2010-09-21 20:41:06 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Packard Bell
    [2010-11-18 09:08:06 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\PE Explorer
    [2011-02-06 20:00:16 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Planetside Software
    [2010-07-02 12:43:18 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Process Hacker
    [2010-02-19 22:21:14 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Red Alert 3
    [2010-02-21 09:26:01 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Red Alert 3 Uprising
    [2010-03-03 20:28:33 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Screaming Bee
    [2010-10-28 18:49:49 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\SecondLife
    [2010-06-09 22:01:02 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Seven Zip
    [2010-08-15 12:30:59 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Sony
    [2010-08-19 09:35:59 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\SPORE
    [2011-02-20 00:33:23 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Spotify
    [2010-02-07 15:32:47 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Subversion
    [2010-05-01 19:55:46 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\TeamViewer
    [2010-06-01 16:38:24 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\thriXXX
    [2010-12-02 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\TomTom
    [2010-05-07 17:42:03 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\TS3Client
    [2010-04-06 08:07:14 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Ubisoft
    [2011-02-06 20:00:14 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\uk.co.planetside
    [2010-10-02 20:27:29 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Unity
    [2011-03-02 14:56:25 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\uTorrent
    [2010-09-16 21:53:20 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Vara Software
    [2010-09-04 11:25:53 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Vivox
    [2010-10-25 17:08:44 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\WB Games
    [2010-12-03 18:44:56 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Windows Live Writer
    [2010-11-12 20:51:11 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\WinFF
    [2010-09-16 21:53:02 | 000,000,000 | ---D | M] -- C:\Users\MickeyXD\AppData\Roaming\Wirecast
    [2011-02-16 10:22:13 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010-05-23 00:26:10 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2009-11-02 21:45:04 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
    [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2011-01-08 16:18:22 | 000,005,162 | -H-- | M] () -- C:\BackupManager.list
    [2010-04-10 14:20:42 | 000,004,286 | ---- | M] () -- C:\bla.ico
    [2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
    [2010-02-07 23:17:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2010-11-13 12:35:33 | 000,027,839 | ---- | M] () -- C:\ComboFix.txt
    [2010-04-25 20:40:34 | 000,000,010 | RHS- | M] () -- C:\config.sys
    [2011-03-02 22:06:40 | 2414,329,856 | -HS- | M] () -- C:\hiberfil.sys
    [2010-01-24 19:15:22 | 000,001,167 | ---- | M] () -- C:\ijjiFFPlugin.log
    [2010-09-10 13:30:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2011-03-02 20:32:33 | 000,041,627 | ---- | M] () -- C:\JavaRa.log
    [2009-12-04 19:50:47 | 000,000,000 | ---- | M] () -- C:\m23apdfj.tmp.X
    [2010-09-10 13:30:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2010-02-07 09:23:35 | 000,003,352 | ---- | M] () -- C:\netfxlog.txt
    [2011-03-02 22:06:57 | 3219,107,840 | -HS- | M] () -- C:\pagefile.sys
    [2009-10-05 07:49:53 | 000,002,865 | ---- | M] () -- C:\RHDSetup.log
    [2010-09-25 11:25:20 | 000,001,250 | ---- | M] () -- C:\rkill.log

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-01 22:49:48

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:6900017D
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C8B8CEBD
    @Alternate Data Stream - 1213 bytes -> C:\Users\MickeyXD\AppData\Local\Fkxq0ydzy8:9Wp6T8OcQikUjXzVKri5q
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:F35A93AD
    @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:DFC5A2B2
    @Alternate Data Stream - 1053 bytes -> C:\Users\MickeyXD\AppData\Local\Temp:gtAyqIoBWYeRXxCZlSQehxjJ9

    < End of report >
     
  10. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    I wanna thank you for your help so far, you're the only one that has replied to me :3
    And where do you get all those useful little programs like OTL.exe and TFC.exe? (i mean is it just experience, that you know what every handy program does,
    or do you get teached that at the pc guru course 101? :p)

    Every time i get helped here at techguy, there seems to be some sort of magical program that just works.
     
  11. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,155
    Can I see this log C:\ComboFix.txt Did you run Combofix yourself or were you helped?
     
  12. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    I was helped before, the combofix log was created when i had this problem, but for another purpose, so there may be some errors in there that i don't have currently.

    If you want i could re-scan with combofix? (i do need the link in that case 'cause i don't have the file anymore)
     
  13. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,155
    OK, just leave that for now....
     
  14. MickeyXD

    MickeyXD Thread Starter

    Joined:
    Aug 28, 2010
    Messages:
    62
    Alright... so what do i do now...?
     
  15. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,155
    Continue as follows :-

    Step 1

    Re-Run [​IMG] by double left click, Vista and Widows 7 users right click and select Run as Administrator.
    • Under the [​IMG] box at the bottom, paste in the following

      Code:
      :OTL
      SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)
      O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
      @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:6900017D
      @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C8B8CEBD
      @Alternate Data Stream - 1213 bytes -> C:\Users\MickeyXD\AppData\Local\Fkxq0ydzy8:9Wp6T8OcQikUjXzVKri5q
      @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:F35A93AD
      @Alternate Data Stream - 111 bytes -> C:\ProgramData\TempFC5A2B2
      @Alternate Data Stream - 1053 bytes -> C:\Users\MickeyXD\AppData\Local\Temp:gtAyqIoBWYeRXxCZlSQehxjJ9
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /flushdns /c
      C:\Windows\PEV.exe
      C:\Windows\sed.exe
      C:\Windows\MBR.exe
      C:\Windows\grep.exe
      C:\Windows\zip.exe
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [EMPTYFLASH]
      [CREATERESTOREPOINT]
      
    • Then click [​IMG] button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log it produces in your next reply.

    Step 2

    Go Here and follow the instructions, see if Java will install.

    One point of note, your C: Drive has only 10% free space, windows like 15% to work efficiently, you may want to move some of your data to create more fee space.....

    Kevin
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/980709