TheTechGuide Forum
General Category => Tech Clinic => Topic started by: rdchase1 on August 17, 2010, 11:20:25 PM
-
Hello I have recently encountered "the blue screen of death" it actually appeared when I was trying to post on this forum about my computers frustrating and all too frequent crashing to desktop while gaming. I am going to keep this short as my long winded explanation was wiped out . Basically I bought this computer off my friend who had reformatted it before selling it to me. He was an avid gamer and had never encountered crashing like I have been having. I have tried updating video drivers and it has not helped. Considering the games I am trying to run he was running fine before and the appearance of the blue screen of death I am quite certain something else must be going on here. Although the crashing mostly happens when I am gaming my computer has also reset itself randomly atleast 5-6 times in the past week that I've been using it. What do you suggest I do?
Thank you!!
-
I have been looking at my devices and found my dual amd processors were both running on drivers from 2002 which I updated automatically to drivers from 2007 not sure why there isnt anything newer available. Also under SCSI and RAID controllers there was a yellow exclamation next to my IDE controller so I auto installed a driver which was a driver from 2002 so I tried to update it and I got an error saying the specified service does not exist as an installed device so I just reinstalled the 2002 driver.
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:38:23 PM, on 8/19/2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\SysWOW64\PnkBstrB.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\HijackThis.exe
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279152789546
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
--
End of file - 5205 bytes
-
Download [color="#FF0000"]OTL.exe[/color] (http://"http://oldtimer.geekstogo.com/OTL.exe")[/url] by OldTimer to your Desktop.
- Close all windows and double click on OTL.exe to run it
- Click Run Scan and let the program run uninterrupted.
- It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
- You may need to use two posts to get it all.
In addition, can you supply the exact Make/Model of computer your running please
-
OTL logfile created on: 8/21/2010 2:16:43 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 4092 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.08 Gb Total Space | 243.35 Gb Free Space | 81.64% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RANDY-57XSHHBZQ
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/08/21 14:16:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2010/08/21 13:26:36 | 000,215,128 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrB.exe
PRC - [2010/08/20 17:59:00 | 000,075,064 | ---- | M] () -- C:\WINDOWS\SysWOW64\PnkBstrA.exe
PRC - [2010/08/15 21:00:06 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/08/14 01:14:23 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/07/14 19:25:28 | 002,269,696 | ---- | M] (Topala Software Solutions) -- C:\Program Files (x86)\SIW\siw.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
========== Modules (SafeList) ==========
MOD - [2010/08/21 14:16:37 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2007/02/18 11:24:12 | 001,051,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\wow64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.3959_x-ww_5FA17F4E\comctl32.dll
MOD - [2007/02/18 11:05:42 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msscript.ocx
MOD - [2007/02/18 11:05:22 | 000,797,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\comres.dll
MOD - [2005/03/25 05:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\wbem\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\xmlprov.dll -- (xmlprov)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\wzcsvc.dll -- (WZCSVC)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\wuauserv.dll -- (wuauserv)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\advapi32.dll -- (Wmi)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\mspmsnsv.dll -- (WmdmPmSN)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ups.exe -- (UPS)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\WINDOWS\SysNative\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - File not found [Auto | Stopped] -- C:\WINDOWS\SysNative\smlogsvc.exe -- (SysmonLog)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\srsvc.dll -- (srservice)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\SCardSvr.exe -- (SCardSvr)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\sessmgr.exe -- (RDSessMgr)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\services.exe -- (PlugPlay)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\nvsvc64.exe -- (nvsvc)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\ntmssvc.dll -- (NtmsSvc)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\netdde.exe -- (NetDDEdsdm)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\netdde.exe -- (NetDDE)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\mnmsrvc.exe -- (mnmsrvc)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\WINDOWS\SysNative\msgsvc.dll -- (Messenger)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\imapi.exe -- (ImapiService)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\w3ssl.dll -- (HTTPFilter)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\services.exe -- (Eventlog)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\ersvc.dll -- (ERSvc)
SRV:64bit: - File not found [Auto | Running] -- C:\WINDOWS\SysNative\dmserver.dll -- (dmserver)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dmadmin.exe -- (dmadmin)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\clipsrv.exe -- (ClipSrv)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\WINDOWS\SysNative\cisvc.exe -- (CiSvc)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\WINDOWS\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\WINDOWS\SysNative\alrsvc.dll -- (Alerter)
SRV:64bit: - [2010/05/06 02:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/08/21 13:26:36 | 000,215,128 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/08/20 17:59:00 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008/07/25 10:13:44 | 000,046,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/02/17 00:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2006/10/18 20:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2005/03/25 05:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\iasrecst.dll -- (IASJet)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\wdmaud.sys -- (wdmaud)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\update.sys -- (Update)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\sysaudio.sys -- (sysaudio)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\swmidi.sys -- (swmidi)
DRV:64bit: - File not found [File_System | Boot | Running] -- C:\WINDOWS\SysNative\DRIVERS\sr.sys -- (sr)
DRV:64bit: - File not found [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\splitter.sys -- (splitter)
DRV:64bit: - File not found [Kernel | System | Running] -- C:\WINDOWS\SysNative\DRIVERS\redbook.sys -- (redbook)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\raspti.sys -- (Raspti)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\ptilink.sys -- (Ptilink)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\psched.sys -- (PSched)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\nvnetbus.sys -- (nvnetbus)
DRV:64bit: - File not found [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\DRIVERS\nvgts64.sys -- (nvgts64)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\NVENETFD.sys -- (NVENETFD)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\nv4_mini.sys -- (nv)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\nic1394.sys -- (NIC1394)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Monft64.sys -- (Monfilt64)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - File not found [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\Drivers\LBeepKE.sys -- (LBeepKE)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\kmixer.sys -- (kmixer)
DRV:64bit: - File not found [Kernel | System | Running] -- C:\WINDOWS\SysNative\DRIVERS\ipsec.sys -- (IPSec)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\ip6fw.sys -- (Ip6Fw)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\RTKHDA64.SYS -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV:64bit: - File not found [Kernel | System | Running] -- C:\WINDOWS\SysNative\DRIVERS\imapi.sys -- (imapi)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\msgpc.sys -- (Gpc)
DRV:64bit: - File not found [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV:64bit: - File not found [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\dmload.sys -- (dmload)
DRV:64bit: - File not found [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\dmio.sys -- (dmio)
DRV:64bit: - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\SysNative\drivers\dmboot.sys -- (dmboot)
DRV:64bit: - File not found [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\DRIVERS\CdaD10BA.sys -- (CdaD10BA)
DRV:64bit: - File not found [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\DRIVERS\CdaC15BA.sys -- (CdaC15BA)
DRV:64bit: - File not found [File_System | Auto | Running] -- C:\WINDOWS\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\DRIVERS\audstub.sys -- (audstub)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\DRIVERS\atmarpc.sys -- (Atmarpc)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\DRIVERS\arp1394.sys -- (Arp1394)
DRV:64bit: - File not found [Kernel | System | Running] -- C:\WINDOWS\SysNative\DRIVERS\AmdPPM64.sys -- (AmdPPM64)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Ambft64.sys -- (Ambfilt64)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\aec.sys -- (aec)
DRV - [2009/05/11 12:49:19 | 000,013,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgio64.sys -- (avgio)
DRV - [2005/03/25 05:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.8.0.12304
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/15 21:00:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/15 21:00:14 | 000,000,000 | ---D | M]
[2010/07/14 17:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/08/21 13:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\39lh6fke.default\extensions
[2010/08/15 21:15:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\39lh6fke.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/13 22:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\39lh6fke.default\extensions\[email protected]
[2010/07/14 17:09:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/07/27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\SysNative\NvCpl.DLL File not found
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\SysNative\NvMcTray.DLL File not found
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x64/client/wuweb_site.cab?1279152780375 (WUWebControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279152789546 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SysNative\wiascr.dll File not found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\SysNative\logonui.exe File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - dimsntfy.dll - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysNative\stobject.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SysNative\WPDShServiceObj.dll File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/14 07:47:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/07/16 15:13:07 | 001,246,440 | R--- | M] (BioWare) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/04/13 20:17:18 | 000,000,058 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/08/21 14:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW
[2010/08/20 14:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010/08/20 13:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age
[2010/08/20 13:26:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010/08/20 13:15:41 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2010/08/20 13:15:41 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2010/08/20 13:15:40 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_43.dll
[2010/08/20 13:15:40 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2010/08/20 13:15:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_43.dll
[2010/08/20 13:15:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_43.dll
[2010/08/20 13:15:38 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_43.dll
[2010/08/20 13:15:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_43.dll
[2010/08/20 13:15:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010/08/20 13:15:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\directx
[2010/08/17 23:00:35 | 013,611,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvogl32.dll
[2010/08/17 23:00:35 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2010/08/17 23:00:33 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2010/08/17 23:00:33 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2010/08/17 23:00:33 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2010/08/17 23:00:33 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2010/08/17 23:00:31 | 001,388,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2010/08/17 20:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\eSupport.com
[2010/08/17 16:13:59 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/17 16:03:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Cleaner Pro
[2010/08/17 15:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Avira
[2010/08/16 22:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010/08/16 22:27:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\BioWare
[2010/08/16 22:27:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
[2010/08/16 22:27:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/08/16 19:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Medal of Honor MP Beta
[2010/08/16 03:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PunkBuster
[2010/08/16 03:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\BFBC2
[2010/08/15 23:21:59 | 000,475,752 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil64.exe
[2010/08/15 23:21:59 | 000,177,768 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService64.exe
[2010/08/15 23:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2010/08/15 23:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2010/08/15 23:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\LogiShrd
[2010/08/15 23:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logishrd
[2010/08/15 23:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/08/15 23:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2010/08/15 23:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Logitech
[2010/08/15 23:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Logishrd
[2010/08/15 21:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2010/08/15 21:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\DriverGenius
[2010/08/15 12:17:42 | 000,000,000 | ---D | C] -- C:\9482513de45025f934f7a411cf
[2010/08/14 18:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\NVIDIA
[2010/08/14 12:33:49 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\SysWow64\drivers\avgntdd.sys
[2010/08/14 12:33:49 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\SysWow64\drivers\avgntmgr.sys
[2010/08/14 12:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/08/14 12:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/08/14 11:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\76561198028968467
[2010/08/14 11:41:51 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2010/08/14 11:41:51 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2010/08/14 11:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010/08/14 11:41:45 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2010/08/14 11:41:44 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2010/08/14 11:41:11 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2010/08/14 03:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Isotx
[2010/08/14 02:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\The Creative Assembly
[2010/08/14 02:19:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/08/14 02:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar
[2010/08/14 01:51:18 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2010/08/14 01:51:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2010/08/14 01:51:17 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2010/08/14 01:51:17 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2010/08/14 01:51:16 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2010/08/14 01:51:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2010/08/14 01:51:14 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2010/08/14 01:51:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2010/08/14 01:51:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2010/08/14 01:51:12 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_41.dll
[2010/08/14 01:51:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_41.dll
[2010/08/14 01:51:11 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2010/08/14 01:51:11 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_4.dll
[2010/08/14 01:51:11 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2010/08/14 01:51:10 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_4.dll
[2010/08/14 01:51:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_6.dll
[2010/08/14 01:51:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2010/08/14 01:51:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2010/08/14 01:51:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2010/08/14 01:51:08 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2010/08/14 01:51:08 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2010/08/14 01:51:07 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2010/08/14 01:51:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2010/08/14 01:51:06 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2010/08/14 01:51:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2010/08/14 01:51:06 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2010/08/14 01:51:05 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2010/08/14 01:51:05 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2010/08/14 01:51:04 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2010/08/14 01:51:04 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_1.dll
[2010/08/14 01:51:04 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_0.dll
[2010/08/14 01:51:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_1.dll
[2010/08/14 01:51:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_4.dll
[2010/08/14 01:51:02 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_38.dll
[2010/08/14 01:51:02 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_38.dll
[2010/08/14 01:51:01 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2010/08/14 01:51:01 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_0.dll
[2010/08/14 01:51:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_0.dll
[2010/08/14 01:51:00 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_3.dll
[2010/08/14 01:50:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2010/08/14 01:50:59 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_37.dll
[2010/08/14 01:50:59 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_37.dll
[2010/08/14 01:50:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_10.dll
[2010/08/14 01:50:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_36.dll
[2010/08/14 01:50:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_36.dll
[2010/08/14 01:50:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2010/08/14 01:50:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2010/08/14 01:50:55 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2010/08/14 01:50:55 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2010/08/14 01:50:54 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2010/08/14 01:50:54 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2010/08/14 01:50:54 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_2.dll
[2010/08/14 01:50:53 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2010/08/14 01:50:53 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2010/08/14 01:50:53 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2010/08/14 01:50:52 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2010/08/14 01:50:51 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2010/08/14 01:50:50 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2010/08/14 01:50:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2010/08/14 01:50:49 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2010/08/14 01:50:48 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2010/08/14 01:50:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2010/08/14 01:50:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2010/08/14 01:50:46 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2010/08/14 01:50:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2010/08/14 01:50:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2010/08/14 01:50:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2010/08/14 01:50:43 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2010/08/14 01:50:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2010/08/14 01:50:41 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2010/08/14 01:50:36 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2010/08/14 01:50:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2010/08/14 01:50:35 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2010/08/14 01:50:35 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2010/08/14 01:50:35 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2010/08/14 01:50:34 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput9_1_0.dll
[2010/08/14 01:50:33 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2010/08/14 01:50:33 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2010/08/14 01:50:33 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2010/08/14 01:50:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2010/08/14 01:50:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010/08/14 01:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/08/14 01:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010/08/14 01:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Philipp Winterberg
[2010/08/14 01:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free RAR Extract Frog
[2010/08/13 22:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/08/13 22:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2010/08/13 22:43:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/08/13 22:15:49 | 000,713,312 | ---- | C] (NHN USA) -- C:\WINDOWS\SysWow64\ijjiSetup.exe
[2010/08/13 22:15:49 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\WINDOWS\SysWow64\ijjiProcessRestarter.exe
[2010/08/13 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
[2010/08/13 22:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010/08/13 22:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2010/08/13 22:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2010/08/13 22:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2010/08/13 22:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/21 14:10:39 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SIW.lnk
[2010/08/21 13:26:36 | 000,215,128 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.xtr
[2010/08/21 13:26:36 | 000,215,128 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2010/08/21 13:01:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/21 12:39:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/21 12:39:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/21 11:55:31 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/08/20 19:30:40 | 005,857,290 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/08/20 18:00:42 | 000,000,078 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Battlefield Bad Company 2.url
[2010/08/20 17:59:00 | 000,075,064 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2010/08/20 14:16:30 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\EVEREST Home Edition.lnk
[2010/08/20 13:45:02 | 000,000,801 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dragon Age Origins.lnk
[2010/08/20 13:45:02 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk
[2010/08/20 13:04:52 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/08/18 21:00:22 | 000,000,076 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Alien Swarm.url
[2010/08/18 20:59:54 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Steam.lnk
[2010/08/17 23:37:29 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/08/17 16:03:46 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Cleaner Pro.lnk
[2010/08/17 16:03:46 | 000,001,692 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Driver Cleaner Pro.lnk
[2010/08/15 23:21:09 | 000,000,970 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/15 21:33:52 | 000,000,806 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Driver Genius Professional Edition.lnk
[2010/08/15 14:40:35 | 000,590,852 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2010/08/14 12:33:56 | 000,001,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/08/14 11:41:51 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2010/08/14 11:41:51 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2010/08/14 01:42:27 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\DAEMON Tools Lite.lnk
[2010/08/14 01:03:01 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Free RAR Extract Frog.lnk
[2010/08/13 22:06:04 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/07/28 18:27:58 | 001,833,576 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SkyTel.exe
[2010/07/28 18:27:58 | 000,475,752 | ---- | M] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil64.exe
[2010/07/28 18:27:58 | 000,084,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2010/07/28 18:27:48 | 009,721,960 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.EXE
[2010/07/28 18:27:48 | 001,679,976 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd64.exe
[2010/07/28 18:27:48 | 000,891,496 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysWow64\RTSndMgr.CPL
[2010/07/28 18:27:24 | 000,177,768 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService64.exe
[2010/07/28 18:27:12 | 002,180,712 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2010/07/28 18:27:12 | 000,285,288 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysWow64\ALSNDMGR.CPL
[2010/07/28 18:27:12 | 000,044,136 | ---- | M] () -- C:\WINDOWS\CPLUTL64.EXE
[2010/07/28 18:27:02 | 002,815,592 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2010/07/28 18:27:02 | 000,064,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
[2010/07/27 13:54:00 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/21 14:10:39 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SIW.lnk
[2010/08/20 18:00:42 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Battlefield Bad Company 2.url
[2010/08/20 14:16:30 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\EVEREST Home Edition.lnk
[2010/08/20 13:45:02 | 000,000,801 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dragon Age Origins.lnk
[2010/08/20 13:45:02 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk
[2010/08/18 21:00:22 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Alien Swarm.url
[2010/08/17 23:37:29 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2010/08/17 16:03:46 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Cleaner Pro.lnk
[2010/08/17 16:03:46 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Driver Cleaner Pro.lnk
[2010/08/16 03:37:23 | 000,215,128 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.xtr
[2010/08/16 03:36:37 | 000,215,128 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2010/08/16 03:36:36 | 000,075,064 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2010/08/15 23:17:24 | 005,624,832 | ---- | C] () -- C:\WINDOWS\System\DriveIcon.dll
[2010/08/15 23:17:24 | 000,005,430 | ---- | C] () -- C:\WINDOWS\System\MyMulti.ico
[2010/08/15 21:33:52 | 000,000,806 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Driver Genius Professional Edition.lnk
[2010/08/14 12:33:56 | 000,001,761 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010/08/14 01:42:27 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\DAEMON Tools Lite.lnk
[2010/08/14 01:15:36 | 000,002,261 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Steam.lnk
[2010/08/14 01:03:01 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Free RAR Extract Frog.lnk
[2010/08/13 22:06:14 | 000,000,262 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/08/13 22:06:04 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/07/14 18:23:27 | 000,590,852 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2006/01/01 00:18:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PAVSHRB.INI
[2005/03/25 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
[2005/03/25 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
[2005/03/25 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
[2005/03/25 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
[2005/03/25 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
[2005/03/25 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
[2005/03/25 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2005/03/25 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
[2005/03/25 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
[2005/03/25 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
[2005/03/25 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
[2005/03/25 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
[2005/03/25 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
[2005/03/25 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
[2005/03/25 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
[2005/03/25 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
[2005/03/25 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
[2005/03/25 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
< End of report >
OTL Extras logfile created on: 8/21/2010 2:16:43 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 81.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 4092 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.08 Gb Total Space | 243.35 Gb Free Space | 81.64% Space Free | Partition Type: NTFS
Drive D: | 7.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RANDY-57XSHHBZQ
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 File not found
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l File not found
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\uTorrent\uTorrent.exe" = C:\Program Files (x86)\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files (x86)\Steam\Steam.exe" = C:\Program Files (x86)\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\WINDOWS\SysWOW64\PnkBstrA.exe" = C:\WINDOWS\SysWOW64\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\SysWOW64\PnkBstrB.exe" = C:\WINDOWS\SysWOW64\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files (x86)\Steam\steamapps\common\alien swarm\swarm.exe" = C:\Program Files (x86)\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"C:\Program Files (x86)\Steam\steamapps\common\alien swarm\srcds.exe" = C:\Program Files (x86)\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- ()
"C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files (x86)\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files (x86)\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
"C:\Program Files (x86)\Steam\steamapps\common\battlefield bad company 2\BFBC2Game.exe" =
-
Please supply the Exact Make and model of computer that your running
-
The computer is custom
Windows XP x64
ABIT KN9 SLI motherboard( Nvidia Nforce 570 SLI MCP)
-
Also under SCSI and RAID controllers there was a yellow exclamation next to my IDE controller so I auto installed a driver which was a driver from 2002 so I tried to update it and I got an error saying the specified service does not exist as an installed device so I just reinstalled the 2002 driver.
Your logs read as your running 64bit-Windows Server 2003 Service Pack 2
Please go to the following link
http://www.abit.com.tw/page/uk/download/download_driver_detail.php?pFILE_TYPE=Driver&pMAIN_TYPE=Motherboard&pTITLE_ON_SCREEN=KN9+SLI&pSOCKET_TYPE=Socket%20AM2
Near the bottom of the page is the link to drivers for
nForece500 Series Chipset Driver
Save the download under Win2003 64bit / WinXP 64bit to your desktop
Extract the contents and run the Setup file, follow the prompts and reboot afterwards
See if that gets rid of the yellow exclamation marks