Can't install, uninstall or virus scan

Microsoft Windows ultimate 7
April 6, 2010 at 06:06:53
Specs: Windows 7
I recently had a problem with Winamp crashing whenever I opened it. When I tried to fix it, it led me to 'Server' not starting properly (under Services.msc). I ran a few virus scanners, and tried to fix the problem, which seems to have made things 100x worse.

I can't install or uninstall most apps, and most virus scanners. Ad-aware crashes on startup. Comodo freezes on certain files in the Windows directory. Malwarebytes' Anti-Malware either won't open, or crashes when scanning or quarantining. HijackThis won't even install! I also can't open Winamp and iTunes.

When I check Task Manager sometimes the programs will be open but not visibly running, sometimes not. I tried repairing Windows, and also reinstalling it, but it usually hangs on the 'Windows is copying files' screen. It also takes forever to reboot.

I'm running Windows 7. It's driving me crazy so I'd greatly appreciate any help. Thank you!




#1
April 10, 2010 at 05:24:48
Did your PC come with Windows 7 installed?

Some HELP in posting on Computing.net plus free progs and instructions Cheers



#2
April 11, 2010 at 10:42:14
No, I upgraded to Windows 7 from Vista.


#3
April 11, 2010 at 10:52:12
'I tried repairing Windows, and also reinstalling it,'

Did you go to Safe Mode and click on Repair my PC?

'I ran a few virus scanners, and tried to fix the problem, which seems to have made things 100x worse. '

Which ones?


#4
April 11, 2010 at 11:30:09
See if you can run this scan.

Please download OTL from following site:

OTL by OldTimer

1. Save it to your desktop
2. Double click the OTL icon on your desktop
3. Close any open browsers.
4. Double-click on OTL.exe to start the program.
Leave all settings as they appear as default, except for the following:

Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT

Now click the Run Scan button on the toolbar.
The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file
Post the contents of that Notepad document in your next reply.



#5
April 11, 2010 at 14:54:04
jabuck, it created OTL.txt which is a lengthy text document, it won't seem to let me post it on this forum. Is there any other way I could get it to you?


#6
April 12, 2010 at 15:12:29
Here's a tinybin link to the log:

Here!



#7
April 12, 2010 at 19:41:47
Please post the log here in segments. Just try to post half of it, then if that doesn't post, reduce it by half again until you reach a size that will post. Then post the rest of the segments... annoying but works.


#8
April 13, 2010 at 10:15:19
OTL logfile created on: 11/04/2010 22:12:25 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = B:\-- Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 259.03 Gb Total Space | 104.52 Gb Free Space | 40.35% Space Free | Partition Type: NTFS
Drive D: | 39.06 Gb Total Space | 28.74 Gb Free Space | 73.59% Space Free | Partition Type: NTFS
Drive E: | 2.27 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.76 Gb Total Space | 11.60 Gb Free Space | 2.49% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROO-PC
Current User Name: Roo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/11 19:52:44 | 000,561,664 | ---- | M] (OldTimer Tools) -- B:\-- Downloads\OTL.exe
PRC - [2010/04/09 11:11:48 | 001,265,264 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/04/02 11:12:33 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/03/23 18:40:32 | 000,967,888 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/03/23 18:40:18 | 001,994,640 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010/03/16 16:25:28 | 000,069,408 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
PRC - [2010/03/07 19:22:56 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/09/14 17:56:46 | 001,584,640 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
PRC - [2009/07/14 02:14:46 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/05/26 23:31:29 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/03/27 08:51:26 | 000,602,112 | ---- | M] (Jugaari) -- C:\Program Files\Jugaari\Jaadu RDP Connect\JaaduConnect.exe
PRC - [2008/12/14 23:45:29 | 002,341,376 | ---- | M] (SoftwareOnline.com, Inc.) -- C:\Program Files\Memturbo 4\MemTurbo.exe
PRC - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/06/17 11:14:36 | 000,096,256 | ---- | M] () -- D:\Program Files\VLC\vlc.exe
PRC - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2006/05/02 22:07:16 | 000,659,456 | ---- | M] ( ) -- C:\Program Files\802.11g USB Wireless Network Driver and Utility HW.14 V1.0.0\RtWLan.exe


========== Modules (SafeList) ==========

MOD - [2010/04/11 19:52:44 | 000,561,664 | ---- | M] (OldTimer Tools) -- B:\-- Downloads\OTL.exe
MOD - [2010/03/03 17:54:42 | 000,276,648 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2009/09/14 17:56:44 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2008/07/26 08:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/09 11:11:48 | 001,265,264 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/03/23 18:40:32 | 000,967,888 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/01/14 22:00:52 | 000,139,264 | ---- | M] (SOURCENEXT) [Auto | Stopped] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2009/11/26 11:56:51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/16 00:39:14 | 001,589,704 | ---- | M] (UltraVNC) [Auto | Stopped] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008/07/26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV - [2010/03/23 18:39:52 | 000,218,560 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/03/03 17:54:06 | 000,030,032 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/03/03 17:54:04 | 000,016,664 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2010/02/04 16:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/14 22:00:52 | 000,038,944 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2010/01/12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/15 13:06:38 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/09/14 17:56:42 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/09/14 17:56:40 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 02:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/13 23:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/02/17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/09/22 08:28:50 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/07/26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/07/01 08:56:22 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [1996/04/03 19:33:00 | 000,005,248 | ---- | M] () [Kernel | System | Running] -- B:\Program Files\TVTool\TVTOOL.SYS -- (tvtool)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.skip-search.com/?cfg=2-8...
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 39 09 50 53 99 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.3
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.6
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.8s
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: ubiquity@labs.mozilla.com:0.1.9.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/04/06 12:11:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/04/06 12:11:07 | 000,000,000 | ---D | M]

[2010/04/04 01:25:49 | 000,000,000 | ---D | M] -- C:\Users\Roo\AppData\Roaming\Mozilla\Extensions
[2010/04/11 18:13:29 | 000,000,000 | ---D | M] -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions
[2010/04/04 01:25:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/04/04 01:25:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/04 01:25:53 | 000,000,000 | ---D | M] (Media Converter) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2010/04/04 01:25:53 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/04/04 01:25:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/04 01:25:53 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/04/04 01:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/04/04 01:25:51 | 000,000,000 | ---D | M] -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\piclens@cooliris.com
[2010/04/04 01:25:51 | 000,000,000 | ---D | M] -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\SkipScreen@SkipScreen
[2010/04/04 01:25:52 | 000,000,000 | ---D | M] -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\extensions\ubiquity@labs.mozilla.com
[2010/04/11 18:13:30 | 000,001,137 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\searchplugins\dictionarycom.xml
[2010/04/11 18:13:31 | 000,002,580 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\searchplugins\imdb.xml
[2010/04/11 18:13:31 | 000,001,817 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\searchplugins\the-pirate-bay.xml
[2010/04/11 18:13:30 | 000,001,326 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\searchplugins\wikipedia-english.xml
[2010/04/11 18:13:31 | 000,002,087 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Mozilla\Firefox\Profiles\zbzyxrpk.default\searchplugins\youtube.xml



#9
April 13, 2010 at 10:16:00
O1 HOSTS File: ([2009/11/26 14:10:34 | 000,001,306 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - b:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [JaaduRDPConnect] C:\Program Files\Jugaari\Jaadu RDP Connect\JaaduConnect.exe (Jugaari)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] b:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [UniblueRegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - Startup: C:\Users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk = C:\Program Files\Memturbo 4\MemTurbo.exe (SoftwareOnline.com, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/ge... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/ji... (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Roo\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Roo\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/07/13 13:55:00 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


========== Files/Folders - Created Within 30 Days ==========

[2010/04/06 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Roaming\Uniblue
[2010/04/06 14:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010/04/05 15:19:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010/04/05 03:02:29 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/04/05 03:02:29 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/04/05 03:02:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/04/05 03:02:24 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/04/05 03:02:19 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/04/05 03:02:19 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/04/05 03:02:19 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/04/05 03:02:18 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/04/05 03:02:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/04/05 03:01:59 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/04/05 03:01:59 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/04/05 03:01:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/04/05 03:01:57 | 003,955,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/05 03:01:57 | 003,899,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/05 03:01:56 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/04/05 03:01:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/04/05 03:01:56 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/04/05 03:01:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/04/04 03:17:06 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2010/04/04 03:09:22 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2010/04/04 00:57:29 | 000,000,000 | --SD | C] -- C:\Users\Roo\AppData\Roaming\Microsoft
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Videos
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Saved Games
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Pictures
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Music
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Links
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Favorites
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Downloads
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\My Documents
[2010/04/04 00:57:29 | 000,000,000 | R--D | C] -- C:\Users\Roo\Desktop
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\AppData\Local\Temporary Internet Files
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Templates
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Start Menu
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\SendTo
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Recent
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\PrintHood
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\NetHood
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Documents\My Videos
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Documents\My Pictures
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Documents\My Music
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\My Documents
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Local Settings
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\AppData\Local\History
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Cookies
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\Application Data
[2010/04/04 00:57:29 | 000,000,000 | -HSD | C] -- C:\Users\Roo\AppData\Local\Application Data
[2010/04/04 00:57:29 | 000,000,000 | -H-D | C] -- C:\Users\Roo\AppData
[2010/04/04 00:57:29 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Local\Temp
[2010/04/04 00:57:29 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Local\Microsoft
[2010/04/04 00:57:29 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Roaming\Media Center Programs
[2010/04/03 23:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/04/03 22:34:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/04/03 22:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/04/03 20:21:21 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/04/01 16:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2010/04/01 16:22:59 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2010/04/01 16:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2010/04/01 16:08:28 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/04/01 15:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/03/29 22:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\UltraVNC
[2010/03/29 15:40:23 | 000,000,000 | ---D | C] -- C:\Users\Roo\Documents\Simply Super Software
[2010/03/29 15:40:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/03/29 15:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/03/29 15:40:02 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Roaming\Simply Super Software
[2010/03/29 15:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/03/29 13:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/29 13:06:27 | 000,000,000 | ---D | C] -- C:\Users\Roo\AppData\Roaming\Winamp2
[2010/03/26 12:12:01 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/03/26 12:11:58 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 09:33:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/03/26 09:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/26 09:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/26 00:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2010/03/25 23:55:31 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2010/03/25 23:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/03/25 19:12:31 | 000,000,000 | ---D | C] -- C:\Users\Roo\Documents\Square Enix
[2010/03/25 19:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Just Cause 2
[2010/03/23 18:39:52 | 000,218,560 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2010/03/18 01:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010/03/18 01:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010/03/18 01:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/17 23:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/11 22:30:58 | 004,718,592 | -HS- | M] () -- C:\Users\Roo\NTUSER.DAT
[2010/04/06 18:23:10 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/06 18:23:10 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/06 14:19:21 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/04/06 13:30:00 | 000,000,981 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk
[2010/04/06 13:27:55 | 000,717,892 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/06 13:27:55 | 000,622,110 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/06 13:27:55 | 000,108,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/06 13:23:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/06 13:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/06 13:23:25 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/06 13:17:49 | 000,993,988 | -H-- | M] () -- C:\Users\Roo\AppData\Local\IconCache.db
[2010/04/06 12:09:18 | 000,111,968 | ---- | M] () -- C:\Users\Roo\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/06 12:08:40 | 000,000,020 | -HS- | M] () -- C:\Users\Roo\ntuser.ini
[2010/04/06 04:00:34 | 002,535,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/04 06:21:20 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/04/04 02:45:55 | 000,021,412 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2010/04/04 00:57:30 | 000,524,288 | -HS- | M] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/04/04 00:57:30 | 000,524,288 | -HS- | M] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/04/04 00:57:30 | 000,065,536 | -HS- | M] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/04/03 04:48:47 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2010/04/02 23:51:48 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/04/02 23:51:48 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/04/02 23:37:07 | 000,003,314 | ---- | M] () -- C:\Users\Roo\Desktop\Windows Compatibility Report.htm
[2010/04/01 16:08:38 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Antivirus.lnk
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/29 23:28:38 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/03/29 13:06:38 | 000,000,687 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 13:24:29 | 000,026,136 | ---- | M] () -- C:\Users\Roo\SyncDocs.conf
[2010/03/26 12:11:55 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 00:17:35 | 000,000,969 | ---- | M] () -- C:\Users\Roo\Desktop\SpywareBlaster.lnk
[2010/03/25 19:10:21 | 000,000,999 | ---- | M] () -- C:\Users\Public\Desktop\Just Cause 2.lnk
[2010/03/23 18:39:52 | 000,218,560 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2010/03/22 18:52:49 | 000,000,600 | ---- | M] () -- C:\Users\Roo\AppData\Roaming\winscp.rnd
[2010/03/19 19:00:40 | 000,001,335 | ---- | M] () -- C:\Users\Roo\Desktop\Clubland Work it Out.avi - Shortcut.lnk
[2010/03/16 10:48:00 | 000,000,028 | ---- | M] () -- C:\Windows\v2d.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/06 14:19:21 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/04/06 12:08:40 | 000,000,020 | -HS- | C] () -- C:\Users\Roo\ntuser.ini
[2010/04/04 06:51:05 | 1609,424,896 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/04 00:57:29 | 004,718,592 | -HS- | C] () -- C:\Users\Roo\NTUSER.DAT
[2010/04/04 00:57:29 | 000,524,288 | -HS- | C] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/04/04 00:57:29 | 000,524,288 | -HS- | C] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/04/04 00:57:29 | 000,262,144 | -HS- | C] () -- C:\Users\Roo\ntuser.dat.LOG1
[2010/04/04 00:57:29 | 000,065,536 | -HS- | C] () -- C:\Users\Roo\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/04/04 00:57:29 | 000,000,000 | -HS- | C] () -- C:\Users\Roo\ntuser.dat.LOG2
[2010/04/02 23:37:07 | 000,003,314 | ---- | C] () -- C:\Users\Roo\Desktop\Windows Compatibility Report.htm
[2010/04/01 16:16:18 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2010/04/01 16:08:38 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Antivirus.lnk
[2010/03/29 23:28:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/03/29 15:40:18 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/03/29 15:40:18 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/03/29 15:40:18 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/03/29 15:40:18 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/03/29 13:06:38 | 000,000,687 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 00:17:35 | 000,000,969 | ---- | C] () -- C:\Users\Roo\Desktop\SpywareBlaster.lnk
[2010/03/25 19:10:21 | 000,000,999 | ---- | C] () -- C:\Users\Public\Desktop\Just Cause 2.lnk
[2010/03/17 19:13:37 | 000,001,335 | ---- | C] () -- C:\Users\Roo\Desktop\Clubland Work it Out.avi - Shortcut.lnk
[2009/11/12 23:30:11 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2009/07/14 17:15:00 | 000,178,432 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/04/30 17:46:24 | 000,000,600 | ---- | C] () -- C:\Users\Roo\AppData\Roaming\winscp.rnd
[2009/04/24 23:38:00 | 000,000,541 | ---- | C] () -- C:\Users\Roo\AppData\Roaming\AutoGK.ini
[2009/03/04 00:24:26 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2009/03/03 22:51:01 | 000,026,136 | ---- | C] () -- C:\Users\Roo\SyncDocs.conf
[2009/01/25 22:10:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/01/12 20:16:51 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2009/01/09 00:01:22 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/10/21 11:24:05 | 000,000,048 | ---- | C] () -- C:\Windows\bsm.ini
[2008/10/11 22:25:34 | 000,000,109 | ---- | C] () -- C:\Windows\disney.ini
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/07/26 08:25:02 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/06/05 09:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2002/03/07 01:19:16 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >



#10
November 7, 2010 at 15:46:56
Sounds like the problem I was having. Did this happen after you installed something big like an Adobe update? How much of your memory and RAM are free? Have you cleaned out your recycle bin and temporary internet folders lately? Are you storing too many things on your desktop? BEFORE cleaning out the above-mentioned folders, double check to make sure none of your registry files found their way there... that's what happened to my old XP, and I inadvertently deleted Windows operating system files that found their way into the recycle bin... I had just caught a fleeting glimpse of a file name as it was being deleted. It seems that the large update may have displaced some existing files/folders. This also happened to me years ago (same computer) when downloading the notorious SP2 for Windows XP! Was using NTFS and a partitioned C drive.


#11
November 7, 2010 at 20:21:24
cagineer, did you notice the date on that thread?
