Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - rambag3

Pages: [1] 2 3

Tech Clinic / 2nd GPU running at 99% load

« on: July 05, 2014, 09:59:28 PM »

Everything seems fine, the big problem is, the 99% load was very random and only started a couple of weeks ago. So it\'s hard to know if anything was fixed.

I will update you if anything changes. What did you have me remove if I may ask?

Tech Clinic / 2nd GPU running at 99% load

« on: July 05, 2014, 09:44:10 PM »

All processes killed

========== OTL ==========

Prefs.js: TFToolbarX%40torrent-finder:1.3.1 removed from extensions.enabledAddons

Prefs.js: ex1%40icrewmax.com:3.6 removed from extensions.enabledAddons

Prefs.js: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2 removed from extensions.enabledAddons

Prefs.js: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31 removed from extensions.enabledAddons

Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 removed from extensions.enabledAddons

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

File H:\\ToolLauncher-Bootstrap.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

File D:\\Run.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

File J:\\VZW_Software_upgrade_assistant.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\J\\ deleted successfully.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\J\\ not found.

File J:\\VZW_Software_upgrade_assistant.exe not found.

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\\Users\\Evan Kopilow\\Desktop\\cmd.bat deleted successfully.

C:\\Users\\Evan Kopilow\\Desktop\\cmd.txt deleted successfully.

========== COMMANDS ==========

Error: Unable to interpret <[EmptyJava}> in the current context!

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Evan Kopilow

->Flash cache emptied: 61148 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Evan Kopilow

->Temp folder emptied: 2585068008 bytes

->Temporary Internet Files folder emptied: 7089811 bytes

->Java cache emptied: 149158085 bytes

->FireFox cache emptied: 390454767 bytes

->Apple Safari cache emptied: 123629568 bytes

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\\System32 .tmp files removed: 0 bytes

%systemroot%\\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\\System32\\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 798809692 bytes

%systemroot%\\sysnative\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files folder emptied: 36073306 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,901.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 07052014_223749

Files\\Folders moved on Reboot...

C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\\Users\\Evan Kopilow\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Tech Clinic / 2nd GPU running at 99% load

« on: July 05, 2014, 03:52:16 PM »

OTL logfile created on: 7/5/2014 4:47:45 PM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.05 Gb Available Physical Memory | 81.98% Memory free

31.84 Gb Paging File | 28.66 Gb Available in Paging File | 90.01% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.13 Gb Free Space | 62.77% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 622.20 Gb Free Space | 66.80% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.11 Gb Free Space | 80.70% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

PRC - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

PRC - [2014/06/30 17:46:50 | 001,753,280 | ---- | M] (Valve Corporation) -- D:\\Program Files (x86)\\Steam\\Steam.exe

PRC - [2014/06/18 02:23:31 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe

PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

PRC - [2014/05/21 09:32:02 | 001,721,416 | ---- | M] (Verizon) -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\VzDetectAgent.exe

PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

PRC - [2013/03/15 15:28:12 | 004,683,768 | ---- | M] (Almico Software (www.almico.com)) -- D:\\Program Files (x86)\\SpeedFan\\speedfan.exe

PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\AlarmClock.exe

PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/05 15:15:02 | 000,192,512 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\sfamcc00001.dll

MOD - [2014/07/05 15:15:02 | 000,158,720 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\sfareca00001.dll

MOD - [2014/07/05 15:14:33 | 000,043,008 | ---- | M] () -- c:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmp_v8c.dll

MOD - [2014/06/30 17:47:12 | 002,139,328 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\video.dll

MOD - [2014/06/30 17:46:52 | 001,116,864 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\chromehtml.dll

MOD - [2014/06/26 18:40:28 | 000,764,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\SDL2.dll

MOD - [2014/06/18 02:23:19 | 003,852,912 | ---- | M] () -- C:\\Program Files (x86)\\Mozilla Firefox\\mozjs.dll

MOD - [2014/05/30 21:27:20 | 001,116,672 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavcodec-55.dll

MOD - [2014/05/30 21:27:20 | 000,438,784 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavutil-53.dll

MOD - [2014/05/30 21:27:20 | 000,399,360 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavformat-55.dll

MOD - [2014/05/30 21:27:20 | 000,331,264 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavresample-1.dll

MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\PAL.dll

MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SATA.dll

MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SMINI.dll

MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAS.dll

MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAT.dll

MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAMSUNG_SSD.dll

MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\libcef.dll

MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libswscale-2.dll

MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml.Linq\\b6c7a1ca929c1b10f36b683c9f1a0517\\System.Xml.Linq.ni.dll

MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationTypes\\75b6a68103e1b76063d9f69b8275ae61\\UIAutomationTypes.ni.dll

MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio49d6fefe#\\47e7fc401facd4a5d3f2237f16948f36\\PresentationFramework-SystemXml.ni.dll

MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio4b37ff64#\\0d3cb1df8b6af32cebdc6e2cc4948c69\\PresentationFramework-SystemXmlLinq.ni.dll

MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a4b45c44490c75bc2fb22780e7ef087d\\PresentationFramework.ni.dll

MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\3fe705796c6a41d4889d9001d1c56af8\\System.Xaml.ni.dll

MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Forms\\f4f6ee0df2aa4189bf36e6335cb92761\\System.Windows.Forms.ni.dll

MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Management\\0893e0e7137e3b2da905da6216b75344\\System.Management.ni.dll

MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\a74542efbeb46445949a39026c501132\\PresentationCore.ni.dll

MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\dce99d8de14d8a015313db98c72552ee\\System.Core.ni.dll

MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Drawing\\5cd2aee5e7c07227c694d89219688ab3\\System.Drawing.ni.dll

MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\bada32953bb6b16a53d653eae23d78dc\\System.Xml.ni.dll

MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Servd1dec626#\\34b53ecafa1d7ccc7ca961d722b5d983\\System.ServiceModel.Internals.ni.dll

MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\SMDiagnostics\\78652b7fa68ee058bff6a118c657f565\\SMDiagnostics.ni.dll

MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runteb92aa12#\\f6d7bb59f318c130d68816a89335d05e\\System.Runtime.Serialization.ni.dll

MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\acf97bfe2a931d4a47253b26b7218991\\WindowsBase.ni.dll

MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio1c9175f8#\\75f8bc4cf08030c4a53b6d5e0ae20046\\PresentationFramework.Aero.ni.dll

MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\ff26cc03e6d57d8abd13b990332e67c6\\System.ni.dll

MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\bbc48ec4245e502ae19b0601d3799c9e\\System.Configuration.ni.dll

MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\ce5f61c5754789df97be8dc991c47d07\\mscorlib.ni.dll

MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\wxmsw28uh_vc.dll

MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\libcef.dll

MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avcodec-53.dll

MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avformat-53.dll

MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avutil-51.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\\Windows\\SysNative\\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoService.exe -- (SolutoService)

SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\\Program Files\\Soluto\\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\\Windows\\SysNative\\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe -- (Steam Client Service)

SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)

SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)

SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe -- (Freemake Improver)

SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\\Program Files\\SUPERAntiSpyware\\SASCore64.exe -- (!SASCORE)

SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe -- (UNS)

SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe -- (LMS)

SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe -- (NBService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rzudd.sys -- (rzudd)

DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)

DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\SWDUMon.sys -- (SWDUMon)

DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\Soluto.sys -- (Soluto)

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\point64.sys -- (Point64)

DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\dc3d.sys -- (dc3d)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\cpuz135_x64.sys -- (cpuz135)

DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronXHCI.sys -- (EtronXHCI)

DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronHub3.sys -- (EtronHub3)

DRV - [2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\\Windows\\gdrv.sys -- (gdrv)

DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\GVTDrv64.sys -- (GVTDrv64)

DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\\Windows\\etdrv.sys -- (etdrv)

DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\saskutil64.sys -- (SASKUTIL)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

IE - HKLM\\..\\SearchScopes,DefaultScope =

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Secondary Start Pages = [binary data]

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

IE - HKCU\\..\\SearchScopes,DefaultScope =

IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: \"Google\"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: \"http://www.google.com/\'>http://www.google.com/\"

FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1

FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1

FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

FF - user.js - File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_14_0_0_125.dll File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_14_0_0_125.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=: File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: D:\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\\Software\\MozillaPlugins\\@raidcall.en/RCplugin: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\raidcall\\plugins\\nprcplugin.dll (Raidcall)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: D:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.0: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.1: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.2: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.3: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\\Software\\MozillaPlugins\\pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]

[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Extensions

[2014/07/03 11:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions

[2014/05/14 17:37:37 | 000,000,000 | ---D | M] (\"Flash Video Downloader - Full HD Download\") -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

[2014/07/02 01:32:28 | 000,538,404 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions

[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}

File not found (No name found) -- C:\\PROGRAMDATA\\AVG SECURE SEARCH\\FIREFOXEXT\\17.2.0.38

[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npwachk.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IntelliPoint] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [IntelliType Pro] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [MSC] C:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\\Run: [] File not found

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [Razer Synapse] C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe (Razer Inc.)

O4 - HKLM..\\Run: [StartCCC] C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\\Run: [f.lux] C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe (Flux Software LLC)

O4:64bit: - HKLM..\\RunOnce: [RPMKickstart] C:\\Program Files\\GIGABYTE\\SMART6\\Recovery\\RPMKickstart.exe (Gigabyte Technology CO., LTD.)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk = C:\\Windows\\SysWOW64\\schtasks.exe (Microsoft Corporation)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SpeedFan.lnk = File not found

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: PromptOnSecureDesktop = 0

O10:64bit: - NameSpace_Catalog5\\Catalog_Entries64\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files (x86)\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\\..Trusted Domains: verizon.net ([activate] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\\Handler\\skype4com - No CLSID value found

O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\program files\\soluto\\soluto.exe /userinit) - c:\\program files\\soluto\\soluto.exe (Soluto)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell\\AutoRun\\command - \"\" = H:\\ToolLauncher-Bootstrap.exe

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\Run.exe

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O33 - MountPoints2\\J\\Shell - \"\" = AutoRun

O33 - MountPoints2\\J\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*

O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/03 11:19:26 | 000,000,000 | ---D | C] -- C:\\Windows\\ERUNT

[2014/07/03 11:11:54 | 000,000,000 | ---D | C] -- C:\\AdwCleaner

[2014/07/03 11:10:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\\Users\\Evan Kopilow\\Desktop\\JRT.exe

[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\EmieUserList

[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\EmieSiteList

[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Samsung Magician

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Trend Micro

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis

[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\Desktop\\Phone pictures

[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Mozilla Firefox

[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Adobe

[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Skype

[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript9diag.dll

[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll

[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll

[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl

[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll

[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll

[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll

[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollector.exe

[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll

[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollectorres.dll

[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl

[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe

[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll

[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll

[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll

[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe

[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll

[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll

[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll

[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll

[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll

[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll

[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9diag.dll

[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll

[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe

[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll

[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe

[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll

[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll

[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\rdpcorets.dll

[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\FWPKCLNT.SYS

[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RdpGroupPolicyExtension.dll

[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\usp10.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml3r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml3r.dll

[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/07/05 16:06:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/07/05 15:19:18 | 000,782,510 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI

[2014/07/05 15:19:18 | 000,662,400 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat

[2014/07/05 15:19:18 | 000,122,268 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat

[2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\\Windows\\gdrv.sys

[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

[2014/07/05 15:13:16 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/07/05 15:13:10 | 4229,779,454 | -HS- | M] () -- C:\\hiberfil.sys

[2014/07/03 11:10:56 | 001,346,519 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

[2014/07/03 11:10:11 | 001,016,261 | ---- | M] (Thisisu) -- C:\\Users\\Evan Kopilow\\Desktop\\JRT.exe

[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\\Windows\\MEMORY.DMP

[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Mozilla Firefox.lnk

[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe

[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl

[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

========== Files Created - No Company Name ==========

[2014/07/03 11:10:51 | 001,346,519 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dogecoin.conf

[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\\Windows\\SysWow64\\kdbsdk32.dll

[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\\Windows\\SysWow64\\igdde32.dll

[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_ld32.exe

[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_as32.exe

[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\\Users\\Evan Kopilow\\comdrv8z.bin

[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\\ProgramData\\Microsoft.SqlServer.Compact.351.64.bc

[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\\Windows\\SysWow64\\igvpkrng600.bin

[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\\Windows\\SysWow64\\igcodeckrng600.bin

[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\vso_ts_preview.xml

[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\inst.exe

[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.cat

[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.inf

[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

< End of report >

Sorry about that

Tech Clinic / 2nd GPU running at 99% load

« on: July 03, 2014, 10:29:08 AM »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Evan Kopilow on Thu 07/03/2014 at 11:19:27.41

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] \"C:\\Users\\Evan Kopilow\\AppData\\Roaming\\getrighttogo\"

Successfully deleted: [Folder] \"C:\\Windows\\syswow64\\ai_recyclebin\"

~~~ FireFox

Successfully deleted: [File] C:\\user.js

Successfully deleted the following from C:\\Users\\Evan Kopilow\\AppData\\Roaming\\mozilla\\firefox\\profiles\\qpz899co.default\\prefs.js

user_pref(\"extensions.atlantis.profile.XG33v9.doneTime\", \"0\");

user_pref(\"extensions.atlantis.profile.XG33v9.efficiency\", \"3\");

user_pref(\"extensions.atlantis.profile.XG33v9.overnights\", \"\");

user_pref(\"extensions.atlantis.profile.XG33v9.rotation_file_fmt\", 3);

user_pref(\"extensions.atlantis.profile.XG33v9.showTime\", \"0\");

Emptied folder: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\mozilla\\firefox\\profiles\\qpz899co.default\\minidumps [160 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 07/03/2014 at 11:23:53.69

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tech Clinic / 2nd GPU running at 99% load

« on: July 03, 2014, 10:18:58 AM »

ADW Cleaner log

# AdwCleaner v3.214 - Report created 03/07/2014 at 11:12:26

# Updated 29/06/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Evan Kopilow - LJSMONSTER

# Running from : C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\\ProgramData\\Babylon

Folder Deleted : C:\\ProgramData\\Winamp Toolbar

Folder Deleted : C:\\Program Files (x86)\\Conduit

Folder Deleted : C:\\Program Files (x86)\\Winamp Toolbar

Folder Deleted : C:\\Program Files (x86)\\uTorrentControl2

Folder Deleted : C:\\Program Files (x86)\\Common Files\\Software Update Utility

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Babylon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Conduit

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Winamp Toolbar

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\Conduit

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\PriceGong

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\uTorrentControl2

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Babylon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\ConduitCommon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Smartbar

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\WinampToolbarData

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\CT3072253

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Extensions\\{0B38152B-1B20-484D-A11F-5E04A9B0661F}

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Extensions\\{687578b9-7132-4a7a-80e4-30ee31099e03}

File Deleted : C:\\Users\\EVANKO~1\\AppData\\Local\\Temp\\Uninstall.exe

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.dll

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.xpt

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.dll

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.xpt

File Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\user.js

File Deleted : C:\\Windows\\System32\\Tasks\\BackgroundContainer Startup Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\conduit.com

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\conduitapps.com

Value Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run [BackgroundContainer]

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\dnu.EXE

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\escort.DLL

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\ScriptHelper.EXE

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\winamptbServer.exe

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdate

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUpdController

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\Prod.cap

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLTBSearch

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLTBSearch.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLToolBand

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLToolBand.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.Downloader

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.Downloader.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarInfo

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarInfo.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarParams

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarParams.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTbServer.AolToolbarHelper

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTbServer.AolToolbarHelper.1

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\apnstub_RASAPI32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\apnstub_RASMANCS

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasapi32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasmancs

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\MyBabylontb_RASAPI32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\MyBabylontb_RASMANCS

Key Deleted : HKLM\\SOFTWARE\\Classes\\Toolbar.CT3072253

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{B27D9527-3762-4D71-963D-FB7A94FDD678}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{B38D6EDE-390B-4620-8365-29E16459EBDA}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{FE178B09-C8AA-4734-804D-1849BCCA0C29}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{51A971CA-D36E-4D13-A799-2CF0A491D04D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{538CD77C-BFDD-49B0-9562-77419CAB89D1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{357E7254-CBD5-4AEA-AD32-8622993457EB}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{E74B6F30-AA4B-465B-9E7B-B13E3C2AF45E}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{51A971CA-D36E-4D13-A799-2CF0A491D04D}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Key Deleted : HKCU\\Software\\2YourFace

Key Deleted : HKCU\\Software\\Conduit

Key Deleted : HKCU\\Software\\IGearSettings

Key Deleted : HKCU\\Software\\Winamp Toolbar

Key Deleted : HKCU\\Software\\AppDataLow\\Toolbar

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\BackgroundContainer

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\Conduit

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\PriceGong

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\SmartBar

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\uTorrentControl2

Key Deleted : HKLM\\Software\\Babylon

Key Deleted : HKLM\\Software\\Conduit

Key Deleted : HKLM\\Software\\Winamp Toolbar

Key Deleted : HKLM\\Software\\uTorrentControl2

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Winamp Toolbar

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SoftwareUpdUtility

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Winamp Toolbar

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\uTorrentControl2 Toolbar

***** [ Browsers ] *****

-\\\\ Internet Explorer v11.0.9600.17126

-\\\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\prefs.js ]

Line Deleted : user_pref(\"CT3072253..clientLogIsEnabled\", true);

Line Deleted : user_pref(\"CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR\", false);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129573915102477663\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129749445530228833\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129749445881800338\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129805375651312503\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_130067979083742856\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_1359634299000\", true);

Line Deleted : user_pref(\"CT3072253.CTID\", \"CT3072253\");

Line Deleted : user_pref(\"CT3072253.ConfigurationLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.CurrentServerDate\", \"12-11-2013\");

Line Deleted : user_pref(\"CT3072253.DSInstall\", false);

Line Deleted : user_pref(\"CT3072253.DialogsAlignMode\", \"LTR\");

Line Deleted : user_pref(\"CT3072253.DialogsGetterLastCheckTime\", \"Wed Nov 06 2013 12:10:44 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.DownloadReferralCookieData\", \"\");

Line Deleted : user_pref(\"CT3072253.ENABALE_HISTORY\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.FirstServerDate\", \"13-4-2012\");

Line Deleted : user_pref(\"CT3072253.FirstTime\", true);

Line Deleted : user_pref(\"CT3072253.FirstTimeFF3\", true);

Line Deleted : user_pref(\"CT3072253.FixPageNotFoundErrors\", true);

Line Deleted : user_pref(\"CT3072253.GroupingServerCheckInterval\", 1440);

Line Deleted : user_pref(\"CT3072253.HPInstall\", false);

Line Deleted : user_pref(\"CT3072253.HasUserGlobalKeys\", true);

Line Deleted : user_pref(\"CT3072253.HomePageProtectorEnabled\", false);

Line Deleted : user_pref(\"CT3072253.Initialize\", true);

Line Deleted : user_pref(\"CT3072253.InitializeCommonPrefs\", true);

Line Deleted : user_pref(\"CT3072253.InstallationAndCookieDataSentCount\", 3);

Line Deleted : user_pref(\"CT3072253.InstallationId\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.InstallationType\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.InstalledDate\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.IsAlertDBUpdated\", true);

Line Deleted : user_pref(\"CT3072253.IsGrouping\", false);

Line Deleted : user_pref(\"CT3072253.IsInitSetupIni\", true);

Line Deleted : user_pref(\"CT3072253.IsMulticommunity\", false);

Line Deleted : user_pref(\"CT3072253.IsOpenThankYouPage\", true);

Line Deleted : user_pref(\"CT3072253.IsOpenUninstallPage\", false);

Line Deleted : user_pref(\"CT3072253.LanguagePackLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LanguagePackReloadIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.LastLogin_3.10.0.1\", \"Sun Apr 15 2012 23:16:07 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.12.2.3\", \"Thu May 31 2012 01:02:48 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.13.0.6\", \"Wed Jul 18 2012 00:43:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.14.1.0\", \"Mon Aug 27 2012 23:35:38 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.15.1.0\", \"Mon Nov 19 2012 01:26:46 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.16.0.3\", \"Sun Feb 10 2013 13:27:59 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.18.0.7\", \"Sun Jul 14 2013 23:15:02 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.19.0.3\", \"Mon Sep 09 2013 15:49:38 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.20.0.4\", \"Mon Nov 11 2013 18:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LatestVersion\", \"3.20.0.4\");

Line Deleted : user_pref(\"CT3072253.Locale\", \"en\");

Line Deleted : user_pref(\"CT3072253.MCDetectTooltipHeight\", \"83\");

Line Deleted : user_pref(\"CT3072253.MCDetectTooltipWidth\", \"295\");

Line Deleted : user_pref(\"CT3072253.MyStuffEnabledAtInstallation\", true);

Line Deleted : user_pref(\"CT3072253.OriginalFirstVersion\", \"3.10.0.1\");

Line Deleted : user_pref(\"CT3072253.SearchAPILastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SearchCaption\", \"uTorrentControl2 Customized Web Search\");

Line Deleted : user_pref(\"CT3072253.SearchEngineBeforeUnload\", \"Google\");

Line Deleted : user_pref(\"CT3072253.SearchFromAddressBarIsInit\", true);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabEnabled\", true);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabLastCheckTime\", \"Mon Sep 09 2013 10:44:59 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SearchInNewTabUserEnabled\", false);

Line Deleted : user_pref(\"CT3072253.SearchProtectorEnabled\", false);

Line Deleted : user_pref(\"CT3072253.SearchProtectorToolbarDisabled\", false);

Line Deleted : user_pref(\"CT3072253.SendProtectorDataViaLogin\", true);

Line Deleted : user_pref(\"CT3072253.ServiceMapLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SettingsLastCheckTime\", \"Mon Nov 11 2013 14:41:54 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SettingsLastUpdate\", \"1384160275\");

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsInterval\", 504);

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsLastCheck\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsLastUpdate\", \"1312887586\");

Line Deleted : user_pref(\"CT3072253.ToolbarShrinkedFromSetup\", false);

Line Deleted : user_pref(\"CT3072253.TrustedApiDomains\", \"conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]

Line Deleted : user_pref(\"CT3072253.UserID\", \"UN66950574046415219\");

Line Deleted : user_pref(\"CT3072253.ValidationData_Toolbar\", 0);

Line Deleted : user_pref(\"CT3072253.addressBarTakeOverEnabledInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.alertChannelId\", \"1463702\");

Line Deleted : user_pref(\"CT3072253.autoDisableScopes\", -1);

Line Deleted : user_pref(\"CT3072253.backendstorage.cbcountry_000\", \"5553\");

Line Deleted : user_pref(\"CT3072253.backendstorage.cbfirsttime\", \"5361742041707220313420323031322030323A32303A323120474D542D3034303020284561737465726E204461796C696768742054696D6529\");

Line Deleted : user_pref(\"CT3072253.backendstorage.url_history0001\", \"68747470733A2F2F7777772E66616365626F6F6B2E636F6D2F3F7265663D6C6F676F3A3A3A636C69636B68616E646C65723A3A3A313333343532313139313635302C2C2C687474707[...]

Line Deleted : user_pref(\"CT3072253.cbcountry_000.from_oldbar.enc\", \"VVM=\");

Line Deleted : user_pref(\"CT3072253.cbfirsttime.from_oldbar.enc\", \"U2F0IEFwciAxNCAyMDEyIDAyOjIwOjIxIEdNVC0wNDAwIChFYXN0ZXJuIERheWxpZ2h0IFRpbWUp\");

Line Deleted : user_pref(\"CT3072253.countryCode\", \"US\");

Line Deleted : user_pref(\"CT3072253.firstTimeDialogOpened\", true);

Line Deleted : user_pref(\"CT3072253.fixPageNotFoundErrorByUser\", \"TRUE\");

Line Deleted : user_pref(\"CT3072253.fixPageNotFoundErrorInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.fullUserID\", \"UN66950574046415219.UP.2133\");

Line Deleted : user_pref(\"CT3072253.globalFirstTimeInfoLastCheckTime\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.homepageProtectorEnableByLogin\", true);

Line Deleted : user_pref(\"CT3072253.initDone\", true);

Line Deleted : user_pref(\"CT3072253.installId\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.installType\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.isAppTrackingManagerOn\", true);

Line Deleted : user_pref(\"CT3072253.isCheckedStartAsHidden\", true);

Line Deleted : user_pref(\"CT3072253.isEnableAllDialogs\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.isFirstTimeToolbarLoading\", \"false\");

Line Deleted : user_pref(\"CT3072253.isPerformedSmartBarTransition\", \"true\");

Line Deleted : user_pref(\"CT3072253.isToolbarShrinked\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"false\\\"}\");

Line Deleted : user_pref(\"CT3072253.keyword\", true);

Line Deleted : user_pref(\"CT3072253.lastVersion\", \"10.20.101.5\");

Line Deleted : user_pref(\"CT3072253.myStuffEnabled\", true);

Line Deleted : user_pref(\"CT3072253.myStuffPublihserMinWidth\", 400);

Line Deleted : user_pref(\"CT3072253.myStuffServiceIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.navigateToUrlOnSearch\", false);

Line Deleted : user_pref(\"CT3072253.navigationAliasesJson\", \"{\\\"EB_SEARCH_TERM\\\":\\\"\\\",\\\"EB_MAIN_FRAME_URL\\\":\\\"hxxp%3A%2F%2Fwww.reddit.com%2Fr%2FOkCupid%2Fcomments%2F1s0och%2Fhow_i_spent_the_last_8_months_hello_again[...]

Line Deleted : user_pref(\"CT3072253.originalSearchEngine\", \"Google\");

Line Deleted : user_pref(\"CT3072253.revertSettingsEnabled\", true);

Line Deleted : user_pref(\"CT3072253.searchFromAddressBarEnabledByUser\", \"true\");

Line Deleted : user_pref(\"CT3072253.searchInNewTabEnabledByUser\", \"false\");

Line Deleted : user_pref(\"CT3072253.searchInNewTabEnabledInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.searchProtectorDialogDelayInSec\", 10);

Line Deleted : user_pref(\"CT3072253.searchProtectorEnableByLogin\", true);

Line Deleted : user_pref(\"CT3072253.searchSuggestEnabledByUser\", \"true\");

Line Deleted : user_pref(\"CT3072253.selectToSearchBoxEnabled\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_login_isFirstLoginInvoked\", \"{\\\"dataType\\\":\\\"boolean\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_login_loginCount\", \"{\\\"dataType\\\":\\\"number\\\",\\\"data\\\":\\\"4\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_activeCTID\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"CT3072253\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"uTorrentControl2 \\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_invoked\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_usage_toolbarUsageCount\", \"{\\\"dataType\\\":\\\"number\\\",\\\"data\\\":\\\"2\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_Configuration_lastUpdate\", \"1386110715870\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_login_10.20.101.5_lastUpdate\", \"1386110715707\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_searchAPI_lastUpdate\", \"1386110715828\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_serviceMap_lastUpdate\", \"1386110715684\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_toolbarSettings_lastUpdate\", \"1386117915829\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_translation_lastUpdate\", \"1386110715524\");

Line Deleted : user_pref(\"CT3072253.settingsINI\", true);

Line Deleted : user_pref(\"CT3072253.showToolbarPermission\", \"false\");

Line Deleted : user_pref(\"CT3072253.smartbar.CTID\", \"CT3072253\");

Line Deleted : user_pref(\"CT3072253.smartbar.Uninstall\", \"0\");

Line Deleted : user_pref(\"CT3072253.smartbar.toolbarName\", \"uTorrentControl2 \");

Line Deleted : user_pref(\"CT3072253.testingCtid\", \"\");

Line Deleted : user_pref(\"CT3072253.toolbarAppMetaDataLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.toolbarBornServerTime\", \"13-4-2012\");

Line Deleted : user_pref(\"CT3072253.toolbarContextMenuLastCheckTime\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.toolbarCurrentServerTime\", \"4-12-2013\");

Line Deleted : user_pref(\"CT3072253.toolbarDisabled\", \"true\");

Line Deleted : user_pref(\"CT3072253.toolbarLoginClientTime\", \"Mon Nov 11 2013 21:52:26 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.upgradeFromOBVersion\", true);

Line Deleted : user_pref(\"CT3072253.url_history0001.from_oldbar.enc\", \"aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9bG9nbzo6OmNsaWNraGFuZGxlcjo6OjEzMzQ1MjExOTE2NTAsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vP3JlZj1sb2dvOjo6Y2xp[...]

Line Deleted : user_pref(\"CT3072253.usagesFlag\", 2);

Line Deleted : user_pref(\"CT3072253_Firefox.csv\", \"[{\\\"from\\\":\\\"Abs Layer\\\",\\\"action\\\":\\\"loading toolbar\\\",\\\"time\\\":1386110713356,\\\"isWithState\\\":\\\"\\\",\\\"timeFromStart\\\":0,\\\"timeFromPrev\\\":0}]\");

Line Deleted : user_pref(\"CommunityToolbar.LatestToolbarVersionInstalled\", \"3.16.0.3\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList2\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList4\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.globalUserId\", \"149f1479-f2d8-4f9d-9a82-b65ee4eb3b4a\");

Line Deleted : user_pref(\"CommunityToolbar.isAlertUrlAddedToFeedItemTable\", true);

Line Deleted : user_pref(\"CommunityToolbar.isClickActionAddedToFeedItemTable\", true);

Line Deleted : user_pref(\"CommunityToolbar.keywordURLSelectedCTID\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertDialogsGetterLastCheckTime\", \"Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertInfoInterval\", 60);

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertInfoLastCheckTime\", \"Mon Dec 03 2012 00:09:36 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.locale\", \"en\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginIntervalMin\", 1440);

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginLastCheckTime\", \"Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginLastUpdateTime\", \"1313487611\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.messageShowTimeSec\", 20);

Line Deleted : user_pref(\"CommunityToolbar.notifications.showTrayIcon\", false);

Line Deleted : user_pref(\"CommunityToolbar.notifications.userCloseIntervalMin\", 300);

Line Deleted : user_pref(\"CommunityToolbar.notifications.userId\", \"a9177cd5-4d39-4b41-b3e3-2d67f050c1fa\");

Line Deleted : user_pref(\"CommunityToolbar.originalSearchEngine\", \"Google\");

Line Deleted : user_pref(\"Smartbar.keywordURLSelectedCTID\", \"CT3072253\");

Line Deleted : user_pref(\"browser.babylon.HPOnNewTab\", \"search.babylon.com\");

Line Deleted : user_pref(\"extensions.BabylonToolbar_i.newTab\", true);

Line Deleted : user_pref(\"extensions.atlantis.sys.delta2\", 5);

Line Deleted : user_pref(\"extensions.fvd_single.surfcanyon.ramp.start_time\", \"1394021605488\");

Line Deleted : user_pref(\"smartbar.addressBarOwnerCTID\", \"CT3072253\");

Line Deleted : user_pref(\"smartbar.machineId\", \"5MZW3UMCXOO+YBLFZD/DWABDK78SWWZVCDQXZMYTPM3JENDXBLVXVRG2HJ0HJYJMSBGN8X5HR+MYJLKHCCX4NG\");

*************************

AdwCleaner[R0].txt - [37042 octets] - [03/07/2014 11:11:56]

AdwCleaner[S0].txt - [36261 octets] - [03/07/2014 11:12:26]

########## EOF - C:\\AdwCleaner\\AdwCleaner[S0].txt - [36322 octets] ##########

Tech Clinic / 2nd GPU running at 99% load

« on: July 01, 2014, 11:46:32 PM »

OTL log:

OTL logfile created on: 7/2/2014 12:40:39 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free

31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

PRC - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

PRC - [2014/05/29 13:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- D:\\Program Files (x86)\\Steam\\Steam.exe

PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\AlarmClock.exe

PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/02 00:34:08 | 000,043,008 | ---- | M] () -- c:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppwy5tq.dll

MOD - [2014/05/29 13:37:34 | 002,139,840 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\video.dll

MOD - [2014/05/29 13:36:54 | 001,116,864 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\chromehtml.dll

MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\PAL.dll

MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SATA.dll

MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SMINI.dll

MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAS.dll

MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAT.dll

MOD - [2014/05/16 21:36:10 | 000,756,224 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\SDL2.dll

MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAMSUNG_SSD.dll

MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\libcef.dll

MOD - [2014/04/29 20:08:08 | 001,135,104 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavcodec-55.dll

MOD - [2014/04/29 20:08:08 | 000,471,552 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavutil-53.dll

MOD - [2014/04/29 20:08:08 | 000,404,992 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavformat-55.dll

MOD - [2014/04/29 20:08:08 | 000,340,992 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavresample-1.dll

MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libswscale-2.dll

MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml.Linq\\b6c7a1ca929c1b10f36b683c9f1a0517\\System.Xml.Linq.ni.dll

MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationTypes\\75b6a68103e1b76063d9f69b8275ae61\\UIAutomationTypes.ni.dll

MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio49d6fefe#\\47e7fc401facd4a5d3f2237f16948f36\\PresentationFramework-SystemXml.ni.dll

MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio4b37ff64#\\0d3cb1df8b6af32cebdc6e2cc4948c69\\PresentationFramework-SystemXmlLinq.ni.dll

MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a4b45c44490c75bc2fb22780e7ef087d\\PresentationFramework.ni.dll

MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\3fe705796c6a41d4889d9001d1c56af8\\System.Xaml.ni.dll

MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Forms\\f4f6ee0df2aa4189bf36e6335cb92761\\System.Windows.Forms.ni.dll

MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Management\\0893e0e7137e3b2da905da6216b75344\\System.Management.ni.dll

MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\a74542efbeb46445949a39026c501132\\PresentationCore.ni.dll

MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\dce99d8de14d8a015313db98c72552ee\\System.Core.ni.dll

MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Drawing\\5cd2aee5e7c07227c694d89219688ab3\\System.Drawing.ni.dll

MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\bada32953bb6b16a53d653eae23d78dc\\System.Xml.ni.dll

MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Servd1dec626#\\34b53ecafa1d7ccc7ca961d722b5d983\\System.ServiceModel.Internals.ni.dll

MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\SMDiagnostics\\78652b7fa68ee058bff6a118c657f565\\SMDiagnostics.ni.dll

MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runteb92aa12#\\f6d7bb59f318c130d68816a89335d05e\\System.Runtime.Serialization.ni.dll

MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\acf97bfe2a931d4a47253b26b7218991\\WindowsBase.ni.dll

MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio1c9175f8#\\75f8bc4cf08030c4a53b6d5e0ae20046\\PresentationFramework.Aero.ni.dll

MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\ff26cc03e6d57d8abd13b990332e67c6\\System.ni.dll

MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\bbc48ec4245e502ae19b0601d3799c9e\\System.Configuration.ni.dll

MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\ce5f61c5754789df97be8dc991c47d07\\mscorlib.ni.dll

MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\wxmsw28uh_vc.dll

MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\libcef.dll

MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avcodec-53.dll

MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avformat-53.dll

MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avutil-51.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\\Windows\\SysNative\\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoService.exe -- (SolutoService)

SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\\Program Files\\Soluto\\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\\Windows\\SysNative\\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe -- (Steam Client Service)

SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)

SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)

SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Running] -- C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe -- (Freemake Improver)

SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\\Program Files\\SUPERAntiSpyware\\SASCore64.exe -- (!SASCORE)

SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe -- (UNS)

SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe -- (LMS)

SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe -- (NBService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rzudd.sys -- (rzudd)

DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)

DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\SWDUMon.sys -- (SWDUMon)

DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\Soluto.sys -- (Soluto)

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\point64.sys -- (Point64)

DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\dc3d.sys -- (dc3d)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\cpuz135_x64.sys -- (cpuz135)

DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronXHCI.sys -- (EtronXHCI)

DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronHub3.sys -- (EtronHub3)

DRV - [2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\\Windows\\gdrv.sys -- (gdrv)

DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\GVTDrv64.sys -- (GVTDrv64)

DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\\Windows\\etdrv.sys -- (etdrv)

DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\saskutil64.sys -- (SASKUTIL)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

IE - HKLM\\..\\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Secondary Start Pages = [binary data]

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

IE - HKCU\\..\\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKCU\\..\\SearchScopes\\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: \"URL\" = http://search.babylon.com/?q=\'>http://search.babylon.com/?q={searchTerms}&AF=110018&babsrc=SP_ss&mntrId=d4f84c3200000000000050e549e97722

IE - HKCU\\..\\SearchScopes\\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: \"URL\" = http://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Brwsr-v6IE&q=\'>http://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Brwsr-v6IE&q={searchTerms}

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: \"Google\"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: \"http://www.google.com/\'>http://www.google.com/\"

FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1

FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.29

FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

FF - prefs.js..keyword.URL: \"http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN66950574046415219&UM=&q=\'>http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN66950574046415219&UM=&q=\"

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_14_0_0_125.dll File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_14_0_0_125.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=: File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: D:\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\\Software\\MozillaPlugins\\@raidcall.en/RCplugin: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\raidcall\\plugins\\nprcplugin.dll (Raidcall)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: D:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.0: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.1: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.2: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.3: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\\Software\\MozillaPlugins\\pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Extensions

[2014/06/27 19:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions

[2013/04/07 13:02:48 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2013/11/11 22:52:22 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{687578b9-7132-4a7a-80e4-30ee31099e03}

[2014/05/14 17:37:37 | 000,000,000 | ---D | M] (\"Flash Video Downloader - Full HD Download\") -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

[2014/06/24 08:52:53 | 000,516,098 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions

[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}

File not found (No name found) -- C:\\PROGRAMDATA\\AVG SECURE SEARCH\\FIREFOXEXT\\17.2.0.38

[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npwachk.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\\..\\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O3 - HKLM\\..\\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O3 - HKCU\\..\\Toolbar\\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O3 - HKCU\\..\\Toolbar\\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IntelliPoint] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [IntelliType Pro] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [MSC] C:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\\Run: [] File not found

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [Razer Synapse] C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe (Razer Inc.)

O4 - HKLM..\\Run: [StartCCC] C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\\Run: [BackgroundContainer] C:\\Users\\Evan Kopilow\\AppData\\Local\\Conduit\\BackgroundContainer\\BackgroundContainer.dll (Conduit Ltd.)

O4 - HKCU..\\Run: [f.lux] C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe (Flux Software LLC)

O4:64bit: - HKLM..\\RunOnce: [RPMKickstart] C:\\Program Files\\GIGABYTE\\SMART6\\Recovery\\RPMKickstart.exe (Gigabyte Technology CO., LTD.)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk = C:\\Windows\\SysWOW64\\schtasks.exe (Microsoft Corporation)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SpeedFan.lnk = File not found

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: PromptOnSecureDesktop = 0

O10:64bit: - NameSpace_Catalog5\\Catalog_Entries64\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files (x86)\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\\..Trusted Domains: verizon.net ([activate] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\\Handler\\skype4com - No CLSID value found

O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\program files\\soluto\\soluto.exe /userinit) - c:\\program files\\soluto\\soluto.exe (Soluto)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell\\AutoRun\\command - \"\" = H:\\ToolLauncher-Bootstrap.exe

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\Run.exe

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O33 - MountPoints2\\J\\Shell - \"\" = AutoRun

O33 - MountPoints2\\J\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*

O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Samsung Magician

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Trend Micro

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis

[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\Desktop\\Phone pictures

[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Mozilla Firefox

[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Adobe

[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Skype

[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript9diag.dll

[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll

[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll

[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl

[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll

[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll

[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll

[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollector.exe

[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll

[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollectorres.dll

[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl

[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe

[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll

[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll

[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll

[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe

[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll

[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll

[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll

[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll

[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll

[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll

[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9diag.dll

[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll

[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe

[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll

[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe

[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll

[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll

[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\rdpcorets.dll

[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\FWPKCLNT.SYS

[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RdpGroupPolicyExtension.dll

[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\usp10.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml3r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml3r.dll

[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:39:42 | 000,782,510 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI

[2014/07/02 00:39:42 | 000,662,400 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat

[2014/07/02 00:39:42 | 000,122,268 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat

[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\\Windows\\gdrv.sys

[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

[2014/07/02 00:33:41 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/07/02 00:33:34 | 4229,779,454 | -HS- | M] () -- C:\\hiberfil.sys

[2014/06/29 20:06:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\\Windows\\MEMORY.DMP

[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/24 13:20:03 | 000,001,058 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk

[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Mozilla Firefox.lnk

[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe

[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl

[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

========== Files Created - No Company Name ==========

[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/24 08:59:45 | 000,001,058 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk

[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dogecoin.conf

[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\\Windows\\SysWow64\\kdbsdk32.dll

[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\\Windows\\SysWow64\\igdde32.dll

[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_ld32.exe

[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_as32.exe

[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\\Users\\Evan Kopilow\\comdrv8z.bin

[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\\ProgramData\\Microsoft.SqlServer.Compact.351.64.bc

[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\\Windows\\SysWow64\\igvpkrng600.bin

[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\\Windows\\SysWow64\\igcodeckrng600.bin

[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\vso_ts_preview.xml

[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\inst.exe

[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.cat

[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.inf

[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

< End of report >

Extras Log

OTL Extras logfile created on: 7/2/2014 12:40:39 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free

31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]

.html[@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]

.cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\\SOFTWARE\\Classes\\<extension>]

.html [@ = FirefoxHTML] -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]

batfile [open] -- \"%1\" %*

cmdfile [open] -- \"%1\" %*

comfile [open] -- \"%1\" %*

exefile [open] -- \"%1\" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [print] -- \"%systemroot%\\system32\\rundll32.exe\" \"%systemroot%\\system32\\mshtml.dll\",PrintHTML \"%1\"

http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)

InternetShortcut [open] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\ieframe.dll\",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\mshtml.dll\",PrintHTML \"%1\" (Microsoft Corporation)

piffile [open] -- \"%1\" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- \"%1\"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- \"%1\" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)

Directory [Winamp.Bookmark] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /BOOKMARK \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /ADD \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Play] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" \"%1\" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]

batfile [open] -- \"%1\" %*

cmdfile [open] -- \"%1\" %*

comfile [open] -- \"%1\" %*

cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)

exefile [open] -- \"%1\" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [print] -- \"%systemroot%\\system32\\rundll32.exe\" \"%systemroot%\\system32\\mshtml.dll\",PrintHTML \"%1\"

http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)

piffile [open] -- \"%1\" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- \"%1\"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- \"%1\" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)

Directory [Winamp.Bookmark] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /BOOKMARK \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /ADD \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Play] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" \"%1\" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]

\"cval\" = 1

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]

\"VistaSp1\" = 28 4D B2 76 41 04 CA 01 [binary data]

\"AntiVirusOverride\" = 0

\"AntiSpywareOverride\" = 0

\"FirewallOverride\" = 0

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center

Tech Clinic / 2nd GPU running at 99% load

« on: June 29, 2014, 06:26:41 PM »

So my 2nd GPU a Saphire 7850 has sometimes over the last week started up and gone straight to 99% load while my main GPU an XFX 280x is at idle.

This is with the computer idling nothing opened except speedfan and then GPU-Z to check the gpu usage.

Task manager doesn\'t show anything running out of the ordinary that I can tell so here is the log, any help is much appreciated.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:21:18 PM, on 6/29/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal

Running processes:

C:\\Windows\\SysWOW64\\Rundll32.exe

C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

D:\\iTunes\\iTunesHelper.exe

D:\\Program Files (x86)\\Steam\\steam.exe

C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

D:\\Program Files (x86)\\SpeedFan\\speedfan.exe

C:\\Users\\Evan Kopilow\\Desktop\\GPU-Z.0.7.8.exe

C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe

C:\\Program Files (x86)\\Trend Micro\\HiJackThis\\HiJackThis.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll

O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll

O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

O4 - HKLM\\..\\Run: [APSDaemon] \"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"

O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun

O4 - HKLM\\..\\Run: [Adobe ARM] \"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"

O4 - HKLM\\..\\Run: [Razer Synapse] \"C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe\"

O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"

O4 - HKLM\\..\\Run: [iTunesHelper] \"D:\\iTunes\\iTunesHelper.exe\"

O4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime

O4 - HKCU\\..\\Run: [f.lux] \"C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe\" /noshow

O4 - HKCU\\..\\Run: [Spotify Web Helper] \"C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"

O4 - HKCU\\..\\Run: [Skype] \"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun

O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-19\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'NETWORK SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'NETWORK SERVICE\')

O4 - Startup: Dropbox.lnk = Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

O4 - Startup: Samsung Magician.lnk = C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

O4 - Startup: SpeedFan.lnk = C:\\Program Files (x86)\\SpeedFan\\speedfan.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~2\\COMMON~1\\Skype\\SKYPE4~1.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\\Program Files\\SUPERAntiSpyware\\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\\Windows\\system32\\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe

O23 - Service: AppleChargerSrv - Unknown owner - C:\\Windows\\system32\\AppleChargerSrv.exe (file missing)

O23 - Service: Bonjour Service - Apple Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\\Windows\\SysWow64\\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)

O23 - Service: Freemake Improver - Freemake - C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe

O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files (x86)\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe

O23 - Service: @%SystemRoot%\\system32\\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\\Windows\\system32\\IEEtwCollector.exe (file missing)

O23 - Service: IHA_MessageCenter - Verizon - C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe

O23 - Service: iPod Service - Apple Inc. - C:\\Program Files\\iPod\\bin\\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe

O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMIndexingService.exe

O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe

O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\\Program Files (x86)\\GIGABYTE\\Smart6\\Timelock\\TimeMgmtDaemon.exe

O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)

O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\\Program Files\\Soluto\\SolutoLauncherService.exe

O23 - Service: Soluto Remote Service (SolutoRemoteService) - Soluto - C:\\Program Files\\Soluto\\SolutoRemoteService.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\\Program Files\\Soluto\\SolutoService.exe

O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)

O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)

--

End of file - 10896 bytes

Tech Clinic / BSOD and freezing comp

« on: August 28, 2010, 03:22:09 PM »

[quote name='guestolo' date='28 August 2010 - 04:14 PM' timestamp='1283026467' post='471587']
I don't see any driver support for Windows 7, did you upgrade from Vista?

It may just be a driver support problem
[/quote]

Yes I did upgrade maybe 9 months ago? I'm not exactly sure when.

Tech Clinic / BSOD and freezing comp

« on: August 28, 2010, 02:52:03 PM »

[quote name='guestolo' date='28 August 2010 - 03:41 PM' timestamp='1283024512' post='471585']
Maybe you want to check for any software/driver updates

Too many models to choose from
Which one is yours?
http://h20180.www2.hp.com/apps/Lookup?h_lang=en&h_cc=us&cc=us&h_page=hpcom&lang=en&h_client=S-A-R163-1&h_query=HP+Pavilion+dv9000&submit.x=10&submit.y=5
[/quote]

HP Pavilion dv9700 CTO Entertainment Notebook PC

Tech Clinic / BSOD and freezing comp

« on: August 28, 2010, 02:35:58 PM »

[quote name='guestolo' date='28 August 2010 - 03:31 PM' timestamp='1283023883' post='471583']
What's the exact Make/model of this laptop?
[/quote]

HP Pavilion dv9000 need a spec rundown? Its win7 home 64bit if you didn't get that already from the scans.

Tech Clinic / BSOD and freezing comp

« on: August 28, 2010, 01:56:13 PM »

[quote name='guestolo' date='28 August 2010 - 02:51 PM' timestamp='1283021487' post='471581']
Look for Extras.txt on your desktop and post it's contents
Take note: It appears you may not of run OTL from your desktop
But the following location:
C:\Users\Lj

You may find Extras.txt in that location
[/quote]

OTL Extras logfile created on: 8/28/2010 2:13:15 PM - Run 4
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lj
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.47 Gb Total Space | 30.78 Gb Free Space | 31.25% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 21.14 Gb Free Space | 18.91% Space Free | Partition Type: NTFS
Drive E: | 13.31 Gb Total Space | 2.39 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LJS_LAPPY
Current User Name: Lj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11192F89-510C-4E23-A62A-D3BEA9139596}" = HP QuickTouch 1.00 C3
"{17E02F38-FF2D-4c3d-83DF-ECE2A1D20A5E}" = AIO_CDB_ToolboxIni64
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F5D0650-63D7-4850-A87E-9A934962511C}" = DigitalPersona Personal 4.11
"{591362D4-590B-457E-9BA3-F4D9508B88BA}" = MobileMe Control Panel
"{8F790958-2107-48F2-88E0-B352A0C225AB}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.86
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Connectify" = Connectify
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17271AB7-D7EC-4a95-9861-FAFE5A4664AD}" = 6300Trb
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3522CB4C-4B0F-4914-8774-51C5C254B1CE}_is1" = CSMenu 1.0
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D12D805-50B2-4287-B3B9-AD4D74F85693}" = BOINC
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}" = Mobile Broadband Generic Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6C1253-F5A2-4E0C-9070-F3C1176C1033}" = Nero 7 Ultra Edition
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.13
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F136F0-2AE5-420C-A0B6-A440AD42591C}" = AuthenTec Fingerprint Software
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BDEDBDD9-C97B-4333-B7BE-6979A34F6F74}" = 6300_Help
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C21C30F2-521C-4F86-882E-60CDCE615FBD}" = Intel(R) IPP Run-Time Installer 5.3 for Windows* on IA-32
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D43908B1-76F6-42FB-B97D-0F4694769ACF}" = Start Killer
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2CB21A2-FD45-4353-888B-FFD071270F35}" = 6300
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.6
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner
"Defraggler" = Defraggler (remove only)
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ExtractNow_is1" = ExtractNow
"Final Fantasy VII_is1" = Final Fantasy VII - Ultima Edition
"FLV Player" = FLV Player 2.0 (build 25)
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Smart Web Printing" = HP Smart Web Printing
"Imtec Imtec Battery Mark 1.1" = Imtec Imtec Battery Mark 1.1
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Mozilla Firefox (2.0.0.14)" = Mozilla Firefox (2.0.0.14)
"Mozilla Firefox (3.6.

" = Mozilla Firefox (3.6.

"MP4-Converter_is1" = MP4-Converter 3.9.3
"oovootb" = ooVoo Toolbar (Remove Toolbar Only)
"Orb" = Winamp Remote
"Pidgin" = Pidgin
"RadLight 4.0" = RadLight 4.0 FINAL
"RealPlayer 12.0" = RealPlayer
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 4.3
"ST6UNST #1" = Hero Editor V0.96
"Starcraft" = Starcraft
"SystemRequirementsLab" = System Requirements Lab
"The Rosetta Stone" = The Rosetta Stone
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.1
"VZAccess Manager" = VZAccess Manager
"WildTangent hp Master Uninstall" = My HP Games
"WinAce Archiver 2.0" = WinAce Archiver 2.0
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diablo II" = Diablo II
"Facebook Plug-In" = Facebook Plug-In
"HuluDesktop" = HuluDesktop
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Tech Clinic / BSOD and freezing comp

« on: August 28, 2010, 01:25:39 PM »

[quote name='guestolo' date='28 August 2010 - 01:40 PM' timestamp='1283017213' post='471579']
Sorry for the delay, before running OTL
Open OTL.exe and put all selections to NONE
but under "Extra Registry" Set to "USE SAFELIST"
Then click on RUN SCAN
[/quote]

OTL logfile created on: 8/28/2010 2:13:15 PM - Run 4
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lj
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.47 Gb Total Space | 30.78 Gb Free Space | 31.25% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 21.14 Gb Free Space | 18.91% Space Free | Partition Type: NTFS
Drive E: | 13.31 Gb Total Space | 2.39 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LJS_LAPPY
Current User Name: Lj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Files/Folders - Created Within 30 Days ==========

[2010/08/26 10:52:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Lj\OTL.exe
[2010/08/24 16:02:36 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/08/19 21:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2010/08/19 05:14:51 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/08/19 05:14:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/08/19 05:14:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/08/19 05:13:00 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Lj\Desktop\jxpiinstall.exe
[2010/08/18 01:38:26 | 000,000,000 | ---D | C] -- C:\Users\Lj\AppData\Roaming\QuickScan
[2010/08/18 01:27:03 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThis.exe
[2010/08/12 18:43:22 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 18:43:21 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/12 18:43:21 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/12 18:43:11 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 18:43:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 18:43:10 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 18:43:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 18:43:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 18:43:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/12 18:43:08 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 18:43:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/12 18:43:07 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2008/06/24 22:57:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Lj\AppData\Roaming\pcouffin.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/28 14:15:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/08/28 14:14:57 | 008,650,752 | -HS- | M] () -- C:\Users\Lj\NTUSER.DAT
[2010/08/28 14:13:16 | 000,720,488 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/28 14:13:16 | 000,619,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/28 14:13:16 | 000,105,646 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/28 14:13:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/28 14:09:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/28 12:24:19 | 000,000,000 | ---- | M] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/08/28 06:30:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/28 06:22:44 | 064,032,736 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/08/27 11:34:29 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLj.job
[2010/08/27 06:21:47 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/27 06:21:47 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/26 10:52:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\OTL.exe
[2010/08/26 10:33:03 | 000,000,253 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/08/26 10:32:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/26 10:32:15 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/26 10:01:58 | 002,529,048 | -H-- | M] () -- C:\Users\Lj\AppData\Local\IconCache.db
[2010/08/22 21:10:43 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/19 21:08:53 | 000,001,039 | -H-- | M] () -- C:\IPH.PH
[2010/08/19 05:13:01 | 000,874,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Lj\Desktop\jxpiinstall.exe
[2010/08/18 01:27:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThis.exe
[2010/08/13 00:27:16 | 000,357,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\Windows\SysWow64\TubeFinder.exe
[2010/08/08 10:21:39 | 000,416,086 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/08/08 10:18:46 | 000,000,973 | ---- | M] () -- C:\Users\Lj\Desktop\CCleaner.lnk
[2010/08/04 03:01:14 | 000,151,060 | ---- | M] () -- C:\Users\Lj\Desktop\Carter.jpg
[2010/08/01 12:03:52 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/20 10:21:42 | 000,000,322 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForLj.job
[2010/08/03 23:44:04 | 000,151,060 | ---- | C] () -- C:\Users\Lj\Desktop\Carter.jpg
[2010/06/12 12:05:09 | 000,000,492 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/20 01:07:58 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\QSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\DSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\AtStart.txt
[2010/02/01 17:56:03 | 000,004,608 | ---- | C] () -- C:\Users\Lj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/23 17:08:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/30 23:26:10 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/06/01 14:36:09 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/02/28 00:25:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/08/22 14:08:02 | 000,870,128 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\mcs.rma
[2008/08/22 14:08:02 | 000,000,004 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\7B892B
[2008/06/24 23:19:08 | 000,000,668 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\vso_ts_preview.xml
[2008/06/24 22:57:57 | 000,000,034 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.log
[2008/06/24 22:57:18 | 000,099,384 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\inst.exe
[2008/06/24 22:57:18 | 000,007,859 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.cat
[2008/06/24 22:57:18 | 000,001,167 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.inf
[2008/06/03 14:45:07 | 000,083,586 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\nvModes.001
[2008/06/03 14:44:46 | 000,083,586 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\nvModes.dat
[2006/05/19 04:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >

Tech Clinic / BSOD and freezing comp

« on: August 26, 2010, 10:02:29 AM »

OTL logfile created on: 8/26/2010 10:58:53 AM - Run 3
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Lj\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.47 Gb Total Space | 30.94 Gb Free Space | 31.42% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 21.48 Gb Free Space | 19.22% Space Free | Partition Type: NTFS
Drive E: | 13.31 Gb Total Space | 2.39 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LJS_LAPPY
Current User Name: Lj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/26 10:52:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
PRC - [2010/07/20 11:03:38 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/07/16 09:49:56 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/07/16 09:49:53 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/16 09:49:29 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/06/24 16:48:24 | 001,100,800 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectify.exe
PRC - [2010/06/24 16:48:18 | 000,108,544 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2010/06/24 16:48:14 | 000,840,704 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2010/06/17 23:08:22 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/11/25 09:24:14 | 004,009,592 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2009/11/06 17:58:02 | 004,793,088 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boincmgr.exe
PRC - [2009/11/06 17:58:02 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinctray.exe
PRC - [2009/11/06 17:58:00 | 000,783,104 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinc.exe
PRC - [2009/09/29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/09/29 09:52:52 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/09/11 14:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
PRC - [2009/04/27 18:09:52 | 000,093,960 | ---- | M] (Sling Media Inc.) -- C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/17 15:19:40 | 000,258,048 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe
PRC - [2008/12/04 14:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/12/04 14:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/11/07 11:49:58 | 001,787,184 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
PRC - [2007/09/05 16:45:32 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/03/29 18:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe

========== Modules (SafeList) ==========

MOD - [2010/08/26 10:52:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
MOD - [2009/09/29 09:52:54 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009/09/29 09:52:54 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOSet.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/07/20 11:03:38 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/16 09:49:53 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/24 16:48:18 | 000,108,544 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/30 09:09:52 | 000,249,856 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\SysWOW64\snmvtsvc.exe -- (SMServer)
SRV - [2009/09/29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/09/11 14:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/04/27 18:09:52 | 000,093,960 | ---- | M] (Sling Media Inc.) [Auto | Running] -- C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe -- (SlingAgentService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/04 14:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/10/18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/03/05 13:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/07/16 09:49:56 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010/07/16 09:49:30 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/06/24 10:15:40 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfyMP)
DRV:64bit: - [2010/06/24 10:15:40 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfy)
DRV:64bit: - [2010/06/02 09:01:29 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/30 13:02:26 | 000,033,336 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV:64bit: - [2009/10/09 22:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/14 11:31:54 | 000,734,720 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 06:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/26 17:56:15 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008/12/04 13:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwusbser.sys -- (NWUSBPort)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV:64bit: - [2007/10/31 18:44:38 | 003,197,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw4v64.sys -- (NETw4v64) Intel(R)
DRV:64bit: - [2007/09/18 09:12:34 | 000,095,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/08/22 12:50:34 | 001,792,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2007/08/08 17:39:46 | 000,060,928 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/23 09:23:58 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2007/07/23 09:23:58 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2007/07/23 09:23:56 | 000,016,896 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/07/11 13:30:34 | 000,009,088 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/01/17 09:48:30 | 001,455,616 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV - [2007/02/07 14:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp-laptop.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.0.3790
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.2.3
FF - prefs.js..extensions.enabledItems: TFToolbarX@torrent-finder:1.2.5
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.5.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.6
FF - prefs.js..extensions.enabledItems: {99E00A4C-D35E-11DD-BA95-9B6A56D89593}:2.2
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.5.2
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.30
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/07/21 09:33:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009/11/06 17:37:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/04 21:02:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 2.0\components [2010/04/02 13:21:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 2.0\plugins [2010/07/21 22:03:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/29 11:12:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/29 11:12:45 | 000,000,000 | ---D | M]

[2009/10/23 16:42:53 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Extensions
[2010/08/26 08:35:46 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions
[2010/04/30 23:13:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/18 23:45:21 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2010/08/24 00:46:16 | 000,000,000 | ---D | M] (Old Lockerz Wave Updater Toolbar) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{540cb5e5-8508-4f09-a16b-d36b2b28e74c}
[2010/01/28 10:40:58 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/08/24 00:46:15 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/10/23 16:43:00 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010/07/18 15:21:59 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010/07/15 10:22:12 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{99E00A4C-D35E-11DD-BA95-9B6A56D89593}
[2010/05/11 19:53:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/07/28 00:29:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/18 01:06:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/16 00:36:39 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/05/30 08:52:44 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/08/18 23:45:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/11/20 23:50:44 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/04/23 18:41:30 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2010/06/03 15:20:55 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/12/01 13:10:10 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/23 16:42:54 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2010/08/24 23:24:38 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/23 16:42:56 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2010/08/24 23:24:38 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/28 01:29:15 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\TFToolbarX@torrent-finder
[2010/08/26 08:35:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/21 17:13:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/19 05:14:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/08/08 10:21:39 | 000,416,086 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 14365 more lines...
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Updater For ooVoo Toolbar) - {442AE524-EBA5-4b17-82F3-888D68BC999A} - C:\Program Files (x86)\oovootb\auxi\oovooAu.dll (Visicom Media)
O2 - BHO: (no name) - {99E00A4C-D35E-11DD-BA95-9B6A56D89593} - No CLSID value found.
O2 - BHO: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [boincmgr] C:\Program Files (x86)\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files (x86)\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4 - HKCU..\Run: [ISUSPM] D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Lj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll ()
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Lj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/26 10:52:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
[2010/08/24 16:02:36 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/08/19 21:08:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2010/08/19 05:14:51 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/08/19 05:14:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/08/19 05:14:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/08/19 05:13:00 | 000,874,272 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Lj\Desktop\jxpiinstall.exe
[2010/08/18 01:38:26 | 000,000,000 | ---D | C] -- C:\Users\Lj\AppData\Roaming\QuickScan
[2010/08/18 01:27:03 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThis.exe
[2010/08/12 18:43:22 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 18:43:21 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/12 18:43:21 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/12 18:43:11 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 18:43:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 18:43:10 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 18:43:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 18:43:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 18:43:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/12 18:43:08 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 18:43:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/12 18:43:07 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/07/31 14:51:35 | 000,000,000 | ---D | C] -- C:\Users\Lj\Desktop\wpsm54g_v20
[2010/07/27 23:27:38 | 000,000,000 | ---D | C] -- C:\Users\Lj\AppData\Roaming\vlc
[2008/06/24 22:57:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Lj\AppData\Roaming\pcouffin.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/26 10:58:57 | 008,650,752 | -HS- | M] () -- C:\Users\Lj\NTUSER.DAT
[2010/08/26 10:54:27 | 000,000,000 | ---- | M] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/08/26 10:52:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
[2010/08/26 10:41:32 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/26 10:41:32 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/26 10:39:10 | 000,720,488 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/26 10:39:10 | 000,619,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/26 10:39:10 | 000,105,646 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/26 10:36:34 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/08/26 10:33:03 | 000,000,253 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/08/26 10:32:50 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/26 10:32:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/26 10:32:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/26 10:32:15 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/26 10:01:58 | 002,529,048 | -H-- | M] () -- C:\Users\Lj\AppData\Local\IconCache.db
[2010/08/26 09:21:10 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/26 08:40:16 | 063,903,826 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/08/22 21:10:43 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/21 18:26:34 | 071,486,012 | ---- | M] () -- C:\Users\Lj\Desktop\MEGAVIDEO_-_I_m_watching_it.flv
[2010/08/21 14:20:53 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLj.job
[2010/08/19 21:08:53 | 000,001,039 | -H-- | M] () -- C:\IPH.PH
[2010/08/19 05:13:01 | 000,874,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Lj\Desktop\jxpiinstall.exe
[2010/08/18 01:27:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThis.exe
[2010/08/13 00:27:16 | 000,357,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/11 23:50:28 | 000,307,200 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\Windows\SysWow64\TubeFinder.exe
[2010/08/08 10:21:39 | 000,416,086 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/08/08 10:18:46 | 000,000,973 | ---- | M] () -- C:\Users\Lj\Desktop\CCleaner.lnk
[2010/08/04 03:01:14 | 000,151,060 | ---- | M] () -- C:\Users\Lj\Desktop\Carter.jpg
[2010/08/01 12:03:52 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/07/29 11:18:31 | 000,002,515 | ---- | M] () -- C:\Users\Lj\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/07/29 11:18:31 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/07/29 11:12:48 | 000,001,929 | ---- | M] () -- C:\Users\Lj\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/29 11:12:48 | 000,001,905 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/29 02:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/21 18:10:41 | 071,486,012 | ---- | C] () -- C:\Users\Lj\Desktop\MEGAVIDEO_-_I_m_watching_it.flv
[2010/08/20 10:21:42 | 000,000,322 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForLj.job
[2010/08/03 23:44:04 | 000,151,060 | ---- | C] () -- C:\Users\Lj\Desktop\Carter.jpg
[2010/07/31 13:34:42 | 001,048,576 | ---- | C] () -- C:\Users\Lj\Desktop\WPSM54G_v1019.bin
[2010/07/29 11:18:31 | 000,002,515 | ---- | C] () -- C:\Users\Lj\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/07/29 11:18:31 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/07/29 11:12:48 | 000,001,905 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/12 12:05:09 | 000,000,492 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/20 01:07:58 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\QSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\DSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\AtStart.txt
[2010/02/01 17:56:03 | 000,004,608 | ---- | C] () -- C:\Users\Lj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/23 17:08:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/30 23:26:10 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/06/01 14:36:09 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/02/28 00:25:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/08/22 14:08:02 | 000,870,128 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\mcs.rma
[2008/08/22 14:08:02 | 000,000,004 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\7B892B
[2008/06/24 23:19:08 | 000,000,668 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\vso_ts_preview.xml
[2008/06/24 22:57:57 | 000,000,034 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.log
[2008/06/24 22:57:18 | 000,099,384 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\inst.exe
[2008/06/24 22:57:18 | 000,007,859 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.cat
[2008/06/24 22:57:18 | 000,001,167 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\pcouffin.inf
[2008/06/03 14:45:07 | 000,083,586 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\nvModes.001
[2008/06/03 14:44:46 | 000,083,586 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\nvModes.dat
[2006/05/19 04:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >

Ran the scan twice but never got the "Extras" file, am I doing something wrong, I followed your instructions to the letter.

Ty

Tech Clinic / BSOD and freezing comp

« on: August 18, 2010, 12:35:21 AM »

So I've been getting a BSOD at startup when i scan my finger to access my computer, doesn't happen every time and hasn't happened when i manually put in my password but I only typed the password once.

BSOD says " KERNAL_DATA_INPASE(maybe INPASS)_ERROR

Also I just got a BSOD while using my computer. It froze and gave me this "A process or thread crucial to system operation has unexpectedly exited or been terminated"

When I restarted my computer it said "operating system not found" reset it again and it came back.

When it freezes its not completely stuck the applications freeze, the mouse works and i can watch something running like my sidebar or task manager. Also this doesn't happen every time I run my computer. Lastly I ran AVG updated it first and found nothing.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:28:34 AM, on 8/18/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Connectify\Connectify.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\BOINC\boincmgr.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\BOINC\boinc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Users\Lj\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp-laptop.aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Updater For ooVoo Toolbar - {442AE524-EBA5-4b17-82F3-888D68BC999A} - C:\Program Files (x86)\oovootb\auxi\oovooAu.dll
O2 - BHO: (no name) - {99E00A4C-D35E-11DD-BA95-9B6A56D89593} - (no file)
O2 - BHO: ooVoo Toolbar - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ooVoo Toolbar - {A1FB2F9A-D35E-11DD-8935-E46A56D89593} - C:\Program Files (x86)\oovootb\oovoodx.dll
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1c9652664107e92) (gupdate1c9652664107e92) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SlingAgentService - Sling Media Inc. - C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
O23 - Service: SMServer - SMServer - C:\Windows\SysWOW64\snmvtsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15132 bytes

Please help, ty

Tech Clinic / Keep getting BSOD

« on: March 22, 2010, 10:37:24 PM »

got it, great...

DRIVER IRQL NOT LESS OR EQUAL

Tech Clinic / Keep getting BSOD

« on: March 21, 2010, 11:51:55 PM »

Yes it does restart, I changed the settings so I'll let you know what the error message is next time.

Tech Clinic / Keep getting BSOD

« on: March 21, 2010, 09:17:45 PM »

OTL logfile created on: 3/21/2010 10:09:45 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Lj\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.47 Gb Total Space | 37.95 Gb Free Space | 38.54% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 18.61 Gb Free Space | 16.65% Space Free | Partition Type: NTFS
Drive E: | 13.31 Gb Total Space | 2.39 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 931.28 Gb Total Space | 665.91 Gb Free Space | 71.51% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: LJS_LAPPY
Current User Name: Lj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]

PRC - [2010/03/21 21:39:05 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
PRC - [2010/03/18 08:01:48 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010/03/13 14:17:49 | 002,059,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/03/13 14:17:44 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/13 14:17:42 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/03/13 14:17:41 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/06 17:58:02 | 004,793,088 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boincmgr.exe
PRC - [2009/11/06 17:58:02 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinctray.exe
PRC - [2009/11/06 17:58:00 | 000,783,104 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files (x86)\BOINC\boinc.exe
PRC - [2009/09/29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/09/29 09:52:52 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/09/11 14:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
PRC - [2009/04/27 18:09:52 | 000,093,960 | ---- | M] (Sling Media Inc.) -- C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/04 14:00:26 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/12/04 14:00:20 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/09/05 16:45:32 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/03/29 18:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe

[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]

MOD - [2010/03/21 21:39:05 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
MOD - [2009/09/29 09:52:54 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009/09/29 09:52:54 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOSet.dll
MOD - [2009/07/13 21:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2010/03/03 08:09:02 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2009/07/13 21:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 21:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 21:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/13 21:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/13 21:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/13 21:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/13 21:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 21:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 21:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 21:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/13 21:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 21:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/13 21:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/13 21:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV - [2010/03/13 14:17:44 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/13 14:17:42 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/11/06 10:20:16 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/10/30 09:09:52 | 000,249,856 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\SysWOW64\snmvtsvc.exe -- (SMServer)
SRV - [2009/09/29 09:52:54 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/09/11 14:51:48 | 001,811,704 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2009/07/13 23:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/13 23:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 16:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/04/27 18:09:52 | 000,093,960 | ---- | M] (Sling Media Inc.) [Auto | Running] -- C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe -- (SlingAgentService)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/04 14:00:26 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/10/18 11:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/03/05 13:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2010/03/13 14:17:48 | 000,316,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010/03/13 14:17:47 | 000,035,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/03/13 14:17:42 | 000,269,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2009/10/30 13:02:26 | 000,033,336 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV:64bit: - [2009/09/14 11:31:54 | 000,734,720 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 21:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/13 21:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 21:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/13 21:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/13 20:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 20:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/13 20:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2009/07/13 20:06:57 | 000,551,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2009/07/13 20:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/07/13 20:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009/07/13 20:06:52 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 20:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 20:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 19:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/13 19:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 19:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 19:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 06:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/26 17:56:15 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008/12/04 13:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/06/20 16:37:42 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbser.sys -- (NWUSBPort)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV:64bit: - [2007/10/31 18:44:38 | 003,197,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw4v64.sys -- (NETw4v64) Intel®
DRV:64bit: - [2007/08/22 12:50:34 | 001,792,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2007/08/08 17:39:46 | 000,060,928 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/23 09:23:58 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2007/07/23 09:23:58 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2007/07/23 09:23:56 | 000,016,896 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007/07/11 13:30:34 | 000,009,088 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV:64bit: - [2007/06/18 20:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/01/17 09:48:30 | 001,455,616 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 17:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 17:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/05/19 04:39:58 | 000,015,497 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\snp2uvc.ini -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=\"#E56717\"]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "igoogle.com"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.0.3790
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.2
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071101000055
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57
FF - prefs.js..extensions.enabledItems: TFToolbarX@torrent-finder:1.2.5
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.5.10
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/03/13 23:26:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2009/11/06 17:37:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/04 21:02:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 2.0\components [2010/02/16 21:31:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 2.0\plugins [2010/02/16 21:32:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/03/08 13:36:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/02/16 21:32:13 | 000,000,000 | ---D | M]

[2009/10/23 16:42:53 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Extensions
[2010/03/21 21:38:10 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions
[2009/10/23 16:42:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/14 15:20:07 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2009/10/23 16:42:59 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2010/01/28 10:40:58 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/03/21 10:05:08 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/10/23 16:43:00 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/10/23 16:43:00 | 000,000,000 | ---D | M] (Yahoo! Mail Notifier) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}
[2009/11/05 18:35:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/03/21 10:05:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/08 00:17:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/29 10:24:18 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/03/03 15:09:07 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/11/20 23:50:44 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/01/05 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/12/01 13:10:10 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/23 16:42:54 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/11/09 15:20:55 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2010/03/04 10:24:39 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/23 16:42:56 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\[email protected]
[2009/10/28 01:29:15 | 000,000,000 | ---D | M] -- C:\Users\Lj\AppData\Roaming\Mozilla\Firefox\Profiles\wjruvjra.default\extensions\TFToolbarX@torrent-finder
[2010/03/21 21:38:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/02/26 02:18:21 | 000,380,358 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 13106 more lines...
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [POWER PLAN ASSISTANT] C:\Program Files\PowerPlanAssistant\PowerPlanAssistantLauncher.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [boincmgr] C:\Program Files (x86)\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files (x86)\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ISUSPM] D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Lj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Power Plan Assistant.lnk = C:\Program Files\PowerPlanAssistant\PowerPlanAssistant.exe (www.powerplan7.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll ()
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1 167.206.254.1 167.206.254.2
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Lj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lj\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2008/05/05 14:14:18 | 000,000,025 | R--- | M] () - H:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/03/21 21:39:05 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
[2010/03/21 19:25:09 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThisInstaller.exe
[2010/03/19 13:14:44 | 000,000,000 | ---D | C] -- C:\Users\Lj\Desktop\767 - 300ER
[2010/03/13 14:17:47 | 000,012,976 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/04 11:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\IBMERS
[2010/03/03 16:00:51 | 000,000,000 | ---D | C] -- C:\Users\Lj\Desktop\Catering Maps 03-03-10
[2010/03/03 08:09:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/03/03 08:09:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/02/25 13:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/25 13:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/02/24 03:08:01 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/02/24 03:08:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010/02/24 03:08:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010/02/24 03:08:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010/02/24 03:08:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010/02/24 03:08:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010/02/24 03:07:57 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/02/24 03:07:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/02/24 03:07:55 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/02/24 03:07:55 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/02/24 03:07:55 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010/02/24 03:07:55 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/02/24 03:07:55 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010/02/24 03:07:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/02/24 03:07:55 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/02/21 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Lj\Desktop\Tokyo
[2008/06/24 22:57:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Lj\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]

[2010/03/21 22:12:17 | 008,126,464 | -HS- | M] () -- C:\Users\Lj\NTUSER.DAT
[2010/03/21 22:06:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/21 21:39:05 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Lj\Desktop\OTL.exe
[2010/03/21 19:55:56 | 000,000,000 | ---- | M] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/03/21 19:46:46 | 000,002,059 | ---- | M] () -- C:\Users\Lj\Desktop\HijackThis.lnk
[2010/03/21 19:25:10 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lj\Desktop\HijackThisInstaller.exe
[2010/03/21 19:07:32 | 000,000,253 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/03/21 19:07:18 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/21 19:07:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/21 16:12:30 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/21 16:12:30 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/21 16:07:33 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/03/21 16:05:25 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010/03/21 16:03:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/21 16:03:33 | 520,489,051 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/03/21 16:03:30 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/21 10:04:23 | 057,469,473 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/03/21 00:49:57 | 004,363,422 | -H-- | M] () -- C:\Users\Lj\AppData\Local\IconCache.db
[2010/03/20 21:34:49 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/03/20 21:34:49 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/03/20 21:34:49 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/03/19 23:45:19 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/03/19 15:39:51 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLj.job
[2010/03/15 13:35:06 | 000,502,838 | ---- | M] () -- C:\Users\Lj\Desktop\SimplyNoise.com - Brown Noise.m4a
[2010/03/15 13:27:33 | 000,246,798 | ---- | M] () -- C:\Users\Lj\Desktop\Domestic_Galley_Manaul_Section_1_A320_Aircraft_Galley_Diagrams.pdf
[2010/03/13 14:17:48 | 000,316,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/03/13 14:17:47 | 000,035,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/03/13 14:17:47 | 000,012,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/13 14:17:42 | 000,269,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/03/12 16:56:49 | 000,000,517 | ---- | M] () -- C:\Users\Lj\Desktop\Places and Numbers EP.m3u
[2010/03/08 15:02:41 | 000,246,928 | ---- | M] () -- C:\Users\Lj\Desktop\777LR_-_NRT_Atlas[1].pdf
[2010/03/08 15:01:02 | 000,534,246 | ---- | M] () -- C:\Users\Lj\Desktop\B777-232ER_NRT_50BC218YC_Eff_050108[1].pdf
[2010/03/08 14:54:19 | 000,253,843 | ---- | M] () -- C:\Users\Lj\Desktop\75E.pdf
[2010/03/08 14:53:13 | 000,157,986 | ---- | M] () -- C:\Users\Lj\Desktop\B767-400C.pdf
[2010/03/08 14:45:43 | 000,499,367 | ---- | M] () -- C:\Users\Lj\Desktop\B767-400_76D.pdf
[2010/03/04 23:19:56 | 000,899,284 | ---- | M] () -- C:\Users\Lj\Desktop\0304001719b.jpg
[2010/03/04 23:19:44 | 000,925,076 | ---- | M] () -- C:\Users\Lj\Desktop\0304001719a.jpg
[2010/03/04 23:19:30 | 000,981,460 | ---- | M] () -- C:\Users\Lj\Desktop\0304001719.jpg
[2010/03/03 22:29:04 | 001,775,463 | ---- | M] () -- C:\Users\Lj\Desktop\auto_damage_claim3.jpg
[2010/03/03 22:29:03 | 001,417,433 | ---- | M] () -- C:\Users\Lj\Desktop\auto_damage_claim2.jpg
[2010/03/03 22:29:02 | 001,195,880 | ---- | M] () -- C:\Users\Lj\Desktop\auto_damage_claim1.jpg
[2010/03/03 22:27:54 | 000,043,432 | ---- | M] () -- C:\Users\Lj\Desktop\auto_damage_claim.pdf
[2010/02/26 02:18:21 | 000,380,358 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/02/19 22:13:32 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]

[2010/03/21 19:46:46 | 000,002,059 | ---- | C] () -- C:\Users\Lj\Desktop\HijackThis.lnk
[2010/03/20 01:07:58 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\prvlcl.dat
[2010/03/15 13:34:35 | 000,502,838 | ---- | C] () -- C:\Users\Lj\Desktop\SimplyNoise.com - Brown Noise.m4a
[2010/03/15 13:27:33 | 000,246,798 | ---- | C] () -- C:\Users\Lj\Desktop\Domestic_Galley_Manaul_Section_1_A320_Aircraft_Galley_Diagrams.pdf
[2010/03/12 16:56:49 | 000,000,517 | ---- | C] () -- C:\Users\Lj\Desktop\Places and Numbers EP.m3u
[2010/03/08 15:02:41 | 000,246,928 | ---- | C] () -- C:\Users\Lj\Desktop\777LR_-_NRT_Atlas[1].pdf
[2010/03/08 15:01:02 | 000,534,246 | ---- | C] () -- C:\Users\Lj\Desktop\B777-232ER_NRT_50BC218YC_Eff_050108[1].pdf
[2010/03/08 14:54:19 | 000,253,843 | ---- | C] () -- C:\Users\Lj\Desktop\75E.pdf
[2010/03/08 14:53:13 | 000,157,986 | ---- | C] () -- C:\Users\Lj\Desktop\B767-400C.pdf
[2010/03/08 14:45:43 | 000,499,367 | ---- | C] () -- C:\Users\Lj\Desktop\B767-400_76D.pdf
[2010/03/08 14:30:47 | 000,981,460 | ---- | C] () -- C:\Users\Lj\Desktop\0304001719.jpg
[2010/03/08 14:30:47 | 000,925,076 | ---- | C] () -- C:\Users\Lj\Desktop\0304001719a.jpg
[2010/03/08 14:30:47 | 000,899,284 | ---- | C] () -- C:\Users\Lj\Desktop\0304001719b.jpg
[2010/03/03 22:29:21 | 001,775,463 | ---- | C] () -- C:\Users\Lj\Desktop\auto_damage_claim3.jpg
[2010/03/03 22:29:18 | 001,417,433 | ---- | C] () -- C:\Users\Lj\Desktop\auto_damage_claim2.jpg
[2010/03/03 22:29:18 | 001,195,880 | ---- | C] () -- C:\Users\Lj\Desktop\auto_damage_claim1.jpg
[2010/03/03 22:27:53 | 000,043,432 | ---- | C] () -- C:\Users\Lj\Desktop\auto_damage_claim.pdf
[2010/02/26 14:46:17 | 520,489,051 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\QSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\DSwitch.txt
[2010/02/17 22:47:22 | 000,000,000 | ---- | C] () -- C:\Users\Lj\AppData\Local\AtStart.txt
[2010/02/01 17:56:03 | 000,004,608 | ---- | C] () -- C:\Users\Lj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/23 17:08:52 | 000,083,586 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/23 17:08:52 | 000,083,586 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/23 17:08:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/30 23:26:10 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/06/01 14:36:09 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/02/28 00:25:48 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/08/22 14:08:02 | 000,870,128 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\mcs.rma
[2008/08/22 14:08:02 | 000,000,004 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\7B892B
[2008/06/24 23:19:08 | 000,000,668 | ---- | C] () -- C:\Users\Lj\AppData\Roaming\vso_ts_preview.xml
[2008/06/24 22:57:57 | 000,

Tech Clinic / Keep getting BSOD

« on: March 21, 2010, 09:15:24 PM »

Extras.txt

OTL Extras logfile created on: 3/21/2010 10:09:45 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Lj\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98.47 Gb Total Space | 37.95 Gb Free Space | 38.54% Space Free | Partition Type: NTFS
Drive D: | 111.79 Gb Total Space | 18.61 Gb Free Space | 16.65% Space Free | Partition Type: NTFS
Drive E: | 13.31 Gb Total Space | 2.39 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 931.28 Gb Total Space | 665.91 Gb Free Space | 71.51% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: LJS_LAPPY
Current User Name: Lj
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=\"#E56717\"]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=\"#E56717\"]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=\"#E56717\"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)

[color=\"#E56717\"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11192F89-510C-4E23-A62A-D3BEA9139596}" = HP QuickTouch 1.00 C3
"{17E02F38-FF2D-4c3d-83DF-ECE2A1D20A5E}" = AIO_CDB_ToolboxIni64
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{39107B20-EA1C-4974-881C-607300BB3C99}" = MobileMe Control Panel
"{3F5D0650-63D7-4850-A87E-9A934962511C}" = DigitalPersona Personal 4.11
"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = IntelÂ® Matrix Storage Manager
"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1" = Eraser 5.86
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17271AB7-D7EC-4a95-9861-FAFE5A4664AD}" = 6300Trb
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Simsâ„¢ Life Stories
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(tm) 6 Update 17
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(tm) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(tm) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3522CB4C-4B0F-4914-8774-51C5C254B1CE}_is1" = CSMenu 1.0
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D12D805-50B2-4287-B3B9-AD4D74F85693}" = BOINC
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}" = Mobile Broadband Generic Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D6C1253-F5A2-4E0C-9070-F3C1176C1033}" = Nero 7 Ultra Edition
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.13
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F136F0-2AE5-420C-A0B6-A440AD42591C}" = AuthenTec Fingerprint Software
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BDEDBDD9-C97B-4333-B7BE-6979A34F6F74}" = 6300_Help
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C21C30F2-521C-4F86-882E-60CDCE615FBD}" = Intel® IPP Run-Time Installer 5.3 for Windows* on IA-32
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D43908B1-76F6-42FB-B97D-0F4694769ACF}" = Start Killer
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2CB21A2-FD45-4353-888B-FFD071270F35}" = 6300
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.6
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"Aspell English Dictionary_is1" = Aspell English Dictionary-0.50-2
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner
"Defraggler" = Defraggler (remove only)
"Diablo II" = Diablo II
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ExtractNow_is1" = ExtractNow
"Final Fantasy VII_is1" = Final Fantasy VII - Ultima Edition
"FLV Player" = FLV Player 2.0 (build 25)
"Free FLV Converter_is1" = Free FLV Converter V 6.7.3
"GNU Aspell_is1" = GNU Aspell 0.50-3
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Mozilla Firefox (2.0.0.14)" = Mozilla Firefox (2.0.0.14)
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MP4-Converter_is1" = MP4-Converter 3.9.3
"Orb" = Winamp Remote
"Pidgin" = Pidgin
"Power Plan Assistant for WindowsÂ® 7" = Power Plan Assistant for WindowsÂ® 7
"RadLight 4.0" = RadLight 4.0 FINAL
"RealPlayer 12.0" = RealPlayer
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpywareBlaster_is1" = SpywareBlaster 4.2
"ST6UNST #1" = Hero Editor V0.96
"Starcraft" = Starcraft
"The Rosetta Stone" = The Rosetta Stone
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"ViewpointMediaPlayer" = Viewpoint Media Player
"VZAccess Manager" = VZAccess Manager
"WildTangent hp Master Uninstall" = My HP Games
"WinAce Archiver 2.0" = WinAce Archiver 2.0
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver

[color=\"#E56717\"]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diablo II" = Diablo II
"Facebook Plug-In" = Facebook Plug-In
"HuluDesktop" = HuluDesktop
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = ÂµTorrent
"Winamp Detect" = Winamp Detector Plug-in

[color=\"#E56717\"]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Tech Clinic / Keep getting BSOD

« on: March 21, 2010, 07:40:02 PM »

Been getting BSODs all week don't have a clue as to why.
Running Win7 64bit home edition.
Only recent install was the newest Safari, was running the old Safari before.

Your help is much appreciated.

Lj

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:26 PM, on 3/21/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\BOINC\boincmgr.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\BOINC\boinc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] D:\FNC60_COMMON.6ED28686_7B19_420C_B255_5B6C1BD2C705\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Power Plan Assistant.lnk = C:\Program Files\PowerPlanAssistant\PowerPlanAssistant.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MP4-Converter\YouTubeRipper.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1c9652664107e92) (gupdate1c9652664107e92) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SlingAgentService - Sling Media Inc. - C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
O23 - Service: SMServer - SMServer - C:\Windows\SysWOW64\snmvtsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14556 bytes

Tech Clinic / spring cleaning

« on: May 02, 2009, 03:52:50 PM »

[quote name=\'guestolo\' post=\'462068\' date=\'May 2 2009, 03:08 PM\']How are things running now?[/quote]

All seems good thank you

Pages: [1] 2 3

TheTechGuide Forum

News:

Show Posts

Messages - rambag3

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / 2nd GPU running at 99% load

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / BSOD and freezing comp

Tech Clinic / Keep getting BSOD

Tech Clinic / Keep getting BSOD

Tech Clinic / Keep getting BSOD

Tech Clinic / Keep getting BSOD

Tech Clinic / Keep getting BSOD

Tech Clinic / spring cleaning