Author Topic: IDE/SATA DVD-R/W Problem (Read 1224 times)

balefireone · « **on:** November 17, 2009, 12:14:00 PM »

Hello,

I am having some trouble and hoping that I could get some help. Here is my dilemma:

My DVD drive recently stopped working. It was still getting power and device manager said that it was working properly, but the discs were not reading. I read that this may be a registry problem and so I followed the advice of deleting from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318} the "upper" and "lower" classes.

The problem was not resolved which lead me to believe that there was a problem with the hardware. I switched out the newer SATA DVD drive with an older IDE version that I had in an old computer. Upon installation, the device is not being detected by the motherboard. It still gets power and spins whatever disc I put in it. I am completely stumped at this point.

I was considering backing up my data and reinstalling windows, but I'm concerned that I will run into a problem because the DVD drive is not reading! Please Help!

My OS is Vista 64.

Best,
Brian

guestolo · « **Reply #1 on:** November 17, 2009, 11:50:17 PM »

Did you install or Uninstall any new Recording software before this started to happen?
How long ago did this start to happen? Just recently?

Download [color=\"#FF0000\"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and right click on OTL.exe and choose to "Run as Administrator"
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"

balefireone · « **Reply #2 on:** November 18, 2009, 12:26:28 AM »

Thanks for the reply. I have installed some new software over the past few weeks....Adobe Director, Labtec webcam drivers, and an open-source video editor (AVS I think it was called).
I can't be sure exactly how long this is happening but if I were to guess I would say 4-5 weeks. Here are the scan results:

OTL logfile created on: 11/18/2009 12:20:01 AM - Run 2
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Users\Falcon\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 172.10 Gb Free Space | 61.58% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 288.45 Gb Free Space | 70.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FALCON-PC
Current User Name: Falcon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]

PRC - [2009/11/18 00:14:53 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Falcon\Desktop\OTL.exe
PRC - [2009/11/16 21:49:41 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG9\avgtray.exe
PRC - [2009/11/16 21:49:41 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG9\avgtray.exe
PRC - [2009/11/16 21:49:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG9\avgwdsvc.exe
PRC - [2009/10/31 08:58:33 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Users\Falcon\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\iTunes\iTunesHelper.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/05 23:00:00 | 05,497,856 | ---- | M] () -- C:\x\xampp\mysql\bin\mysqld.exe
PRC - [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation) -- C:\x\xampp\apache\bin\httpd.exe
PRC - [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation) -- C:\x\xampp\apache\bin\httpd.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvSCPAPISvr.exe
PRC - [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvSCPAPISvr.exe
PRC - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/23 05:29:18 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:29:14 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/03/31 03:37:40 | 05,748,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/03/31 03:37:40 | 05,748,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/03/31 03:37:40 | 05,748,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/03/31 03:37:40 | 05,748,736 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2008/12/17 01:35:36 | 00,621,568 | R--- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe
PRC - [2008/12/17 01:35:36 | 00,621,568 | R--- | M] () -- C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/06/11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/02/12 05:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE
PRC - [2008/02/12 05:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE
PRC - [2007/03/06 16:58:16 | 01,060,376 | ---- | M] () -- C:\WebCam10.exe
PRC - [2007/03/06 16:51:26 | 00,252,704 | ---- | M] (Labtec Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2007/03/06 16:51:26 | 00,252,704 | ---- | M] (Labtec Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe
PRC - [2007/03/06 16:48:46 | 00,488,984 | ---- | M] (Labtec Inc,) -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe

[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]

MOD - [2009/11/18 00:14:53 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Falcon\Desktop\OTL.exe
MOD - [2009/07/17 09:35:11 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2008/02/29 01:53:38 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008/01/20 21:52:09 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008/01/20 21:49:43 | 01,076,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008/01/20 21:49:32 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2008/01/20 21:48:06 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2009/09/21 15:36:16 | 00,660,256 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2009/07/15 01:14:38 | 00,202,752 | ---- | M] () -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/08 10:27:48 | 01,038,088 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/03/06 16:53:08 | 00,173,344 | ---- | M] (Labtec Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2009/11/16 21:49:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/09/30 07:50:28 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/08/05 23:00:00 | 05,497,856 | ---- | M] () -- C:\x\xampp\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation) -- C:\x\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2009/07/08 10:26:41 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/12/08 16:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/08/15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/27 13:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/06/19 20:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/06/19 20:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)

[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2009/11/16 21:49:55 | 00,422,920 | ---- | M] () -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2009/11/16 21:49:47 | 00,034,248 | ---- | M] () -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2009/08/22 03:26:08 | 00,583,296 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2009/08/22 03:26:08 | 00,476,720 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2009/08/22 03:26:08 | 00,402,992 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2009/08/22 03:26:08 | 00,334,384 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2009/08/22 03:26:08 | 00,278,576 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2009/08/22 03:26:08 | 00,120,880 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMFW.SYS -- (SYMFW)
DRV:64bit: - [2009/08/22 03:26:08 | 00,056,880 | ---- | M] () -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - [2009/08/22 03:26:08 | 00,032,304 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2009/08/20 07:56:20 | 00,172,592 | ---- | M] () -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/08/20 07:55:56 | 00,034,152 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/08/18 14:21:16 | 00,031,280 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2009/07/15 03:23:30 | 06,096,896 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/05 10:42:38 | 00,048,640 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/01/20 09:49:48 | 00,195,584 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/01/19 16:41:48 | 00,609,280 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:64bit: - [2008/12/08 16:35:52 | 00,061,792 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/06/27 06:51:10 | 00,088,632 | ---- | M] () -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/01/20 21:47:28 | 00,046,080 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 21:47:04 | 00,098,816 | ---- | M] () -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio)
DRV:64bit: - [2007/03/06 16:52:46 | 00,058,400 | ---- | M] () -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/03/06 16:50:30 | 02,496,928 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\LVMVDrv.sys -- (LVMVDrv)
DRV:64bit: - [2007/03/06 16:48:58 | 01,029,024 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\LVcKap64.sys -- (LVcKap64)
DRV:64bit: - [2007/03/06 16:48:02 | 01,160,864 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2007/03/06 16:47:50 | 00,016,160 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2006/11/02 00:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/31 18:23:42 | 00,015,680 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2006/10/18 21:09:19 | 01,930,176 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (ialm)
DRV - [2009/10/28 17:37:21 | 00,466,992 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/08/26 03:00:00 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/08/26 03:00:00 | 00,132,656 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/25 03:00:00 | 01,742,896 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091117.020\EX64.SYS -- (NAVEX15)
DRV - [2009/08/25 03:00:00 | 00,116,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091117.020\ENG64.SYS -- (NAVENG)
DRV - [2009/05/05 16:26:54 | 00,024,576 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files (x86)\GameTap Web Player\bin\release\X4HSX32.sys -- (X4HSX32)
DRV - [2008/08/14 06:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs)
DRV - [2008/01/04 07:34:48 | 00,011,832 | ---- | M] () -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys -- (ASInsHelp)
DRV - [2007/12/17 12:14:14 | 00,014,392 | R--- | M] () -- C:\Windows\SysWOW64\drivers\AsIO.sys -- (AsIO)
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)

[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 89 C3 B6 1D 66 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=\"#E56717\"]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: [email protected]:1.4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/08 17:59:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Mozilla Firefox\components [2009/11/09 12:30:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Mozilla Firefox\plugins [2009/11/09 12:30:23 | 00,000,000 | ---D | M]

[2009/07/08 10:03:21 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Extensions
[2009/07/08 10:03:21 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/17 14:54:49 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions
[2009/07/13 15:23:51 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/27 14:59:20 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/09/09 14:41:40 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\DefaultManager@Microsoft
[2009/11/05 19:19:06 | 00,000,000 | ---D | M] -- C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\[email protected]

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SKDaemon.exe] C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe ()
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iTunesHelper] C:\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Labtec Inc,)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\WebCam10.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Falcon\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - Startup: C:\Users\Falcon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE File not found
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\##Slavic#e\Shell\AutoRun\command - "" = Y:\start.exe -- File not found
O33 - MountPoints2\{060ec094-c7ba-11de-97d6-00248ce66f73}\Shell - "" = AutoRun
O33 - MountPoints2\{060ec094-c7ba-11de-97d6-00248ce66f73}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009/11/18 00:14:51 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Users\Falcon\Desktop\OTL.exe
[2009/11/17 18:06:38 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\John Mayer - Battle Studies [2009-MP3-Cov][Bubanee]
[2009/11/17 18:02:50 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\Wu-Tang Meets The Indie Culture Vol. 2 - Enter The Dubstep [Explicit]
[2009/11/17 09:38:58 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg
[2009/11/16 22:17:19 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/11/16 22:17:19 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/11/16 21:50:15 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/16 21:49:47 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg
[2009/11/16 21:49:34 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/16 21:49:34 | 00,000,000 | ---D | C] -- C:\AVG9
[2009/11/16 21:49:34 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/16 21:49:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2009/11/16 15:18:05 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\art143pixelvector
[2009/11/14 18:14:35 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media_white_files
[2009/11/14 18:14:25 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media_files
[2009/11/13 10:16:26 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\Doom Presents Unexpected Guests
[2009/11/10 23:13:42 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDApi.dll
[2009/11/10 17:04:01 | 00,000,000 | ---D | C] -- C:\Adobe Director
[2009/11/10 16:55:38 | 00,000,000 | ---D | C] -- C:\Adobe Director 11.5
[2009/11/09 12:45:38 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Desktop\JS_LIBS
[2009/11/05 22:59:07 | 00,000,000 | ---D | C] -- C:\Users\Falcon\AppData\Local\Blizzard Entertainment
[2009/11/03 22:07:12 | 05,939,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/11/03 22:07:11 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/10/28 07:54:50 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2009/10/28 07:54:49 | 10,624,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/10/28 07:54:47 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/10/27 12:17:02 | 00,000,000 | ---D | C] -- C:\Users\Falcon\.thumbnails
[2009/10/26 13:59:58 | 00,000,000 | ---D | C] -- C:\Users\Falcon\.gimp-2.6
[2009/10/26 13:59:57 | 00,000,000 | ---D | C] -- C:\Users\Falcon\Documents\gegl-0.0
[2009/10/26 13:59:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2009/10/26 13:55:57 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2
[2009/10/26 13:54:02 | 00,000,000 | ---D | C] -- C:\GIMP-2
[2009/10/26 12:46:00 | 00,000,000 | ---D | C] -- C:\Notepad++
[2009/10/26 12:46:00 | 00,000,000 | ---D | C] -- C:\Users\Falcon\AppData\Roaming\Notepad++
[2009/10/20 05:13:18 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/10/20 05:13:18 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/10/20 05:13:18 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/10/20 05:13:14 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/10/20 05:13:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe

[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]

[2009/11/18 00:20:15 | 02,097,152 | -HS- | M] () -- C:\Users\Falcon\NTUSER.DAT
[2009/11/18 00:14:53 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Falcon\Desktop\OTL.exe
[2009/11/18 00:03:00 | 00,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2112477045-800725573-1140253011-1000UA.job
[2009/11/17 23:56:14 | 00,000,488 | ---- | M] () -- C:\Users\Falcon\Desktop\Adobe_All_Products_Keymaker_2009.4757229.TPB.torrent
[2009/11/17 22:45:16 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/17 22:45:16 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/17 20:52:02 | 00,012,146 | ---- | M] () -- C:\Users\Falcon\Desktop\WebSitePlanTemplate.pdf
[2009/11/17 18:34:07 | 45,353,170 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/17 18:33:53 | 00,095,123 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/11/17 12:51:39 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/11/17 12:51:39 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/11/17 12:51:39 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/11/17 12:45:45 | 00,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2009/11/17 12:45:18 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/17 12:45:16 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/17 12:43:08 | 00,524,288 | -HS- | M] () -- C:\Users\Falcon\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2009/11/17 12:43:08 | 00,065,536 | -HS- | M] () -- C:\Users\Falcon\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009/11/17 12:24:59 | 03,099,022 | -H-- | M] () -- C:\Users\Falcon\AppData\Local\IconCache.db
[2009/11/17 10:03:00 | 00,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2112477045-800725573-1140253011-1000Core.job
[2009/11/16 21:50:01 | 00,001,323 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2009/11/16 21:49:59 | 00,012,464 | ---- | M] () -- C:\Windows\SysNative\avgrssta.dll
[2009/11/16 21:49:55 | 00,422,920 | ---- | M] () -- C:\Windows\SysNative\drivers\avgldx64.sys
[2009/11/16 21:49:47 | 06,061,540 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2009/11/16 21:49:47 | 00,492,629 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2009/11/16 21:49:47 | 00,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2009/11/16 21:49:47 | 00,034,248 | ---- | M] () -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2009/11/16 20:09:40 | 60,261,957 | ---- | M] () -- C:\Users\Falcon\Desktop\trip_textures.zip
[2009/11/16 17:12:30 | 21,939,611 | ---- | M] () -- C:\Users\Falcon\Desktop\GoForth_Create.zip
[2009/11/16 15:17:50 | 04,644,900 | ---- | M] () -- C:\Users\Falcon\Desktop\art143pixelvector.zip
[2009/11/14 23:38:30 | 26,178,260 | ---- | M] () -- C:\Users\Falcon\Desktop\667715_91947605.psd
[2009/11/14 18:14:35 | 00,099,816 | ---- | M] () -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media_white.htm
[2009/11/14 18:14:25 | 00,098,412 | ---- | M] () -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media.htm
[2009/11/14 09:59:52 | 00,009,725 | ---- | M] () -- C:\Users\Falcon\Desktop\Chat.zip
[2009/11/14 09:20:25 | 00,027,205 | ---- | M] () -- C:\Users\Falcon\Desktop\chunk.zip
[2009/11/12 20:03:24 | 00,002,055 | ---- | M] () -- C:\Users\Falcon\Desktop\Google Chrome.lnk
[2009/11/11 11:29:39 | 00,017,920 | ---- | M] () -- C:\Users\Falcon\Desktop\Brian T. Lutz.doc
[2009/11/11 11:18:56 | 00,169,323 | ---- | M] () -- C:\Users\Falcon\Desktop\Brian T. Lutz.pdf
[2009/11/11 08:14:36 | 03,069,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/11/10 10:53:29 | 00,112,400 | ---- | M] () -- C:\Users\Falcon\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/11/09 00:26:48 | 00,023,040 | ---- | M] () -- C:\Users\Falcon\Desktop\lutz_w5_a3.doc
[2009/11/05 13:05:58 | 28,155,840 | ---- | M] () -- C:\Windows\SysNative\mrt.exe
[2009/10/30 13:58:20 | 00,001,019 | ---- | M] () -- C:\Users\Falcon\Desktop\Director - Shortcut.lnk
[2009/10/30 10:11:31 | 00,001,404 | ---- | M] () -- C:\Users\Falcon\Desktop\CCleaner.lnk
[2009/10/27 12:17:02 | 00,000,880 | ---- | M] () -- C:\Users\Falcon\.recently-used.xbel
[2009/10/26 13:59:51 | 00,000,936 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2009/10/26 12:46:02 | 00,000,604 | ---- | M] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2009/10/21 21:14:52 | 09,236,480 | ---- | M] () -- C:\Windows\SysNative\mshtml.dll
[2009/10/21 17:36:56 | 01,638,912 | ---- | M] () -- C:\Windows\SysNative\mshtml.tlb
[2009/10/21 05:40:08 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/21 03:19:16 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb

[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]

[2009/11/17 23:56:14 | 00,000,488 | ---- | C] () -- C:\Users\Falcon\Desktop\Adobe_All_Products_Keymaker_2009.4757229.TPB.torrent
[2009/11/17 20:52:01 | 00,012,146 | ---- | C] () -- C:\Users\Falcon\Desktop\WebSitePlanTemplate.pdf
[2009/11/16 21:50:01 | 00,001,323 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2009/11/16 21:49:59 | 00,012,464 | ---- | C] () -- C:\Windows\SysNative\avgrssta.dll
[2009/11/16 21:49:54 | 00,422,920 | ---- | C] () -- C:\Windows\SysNative\drivers\avgldx64.sys
[2009/11/16 21:49:47 | 45,353,170 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/16 21:49:47 | 06,061,540 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2009/11/16 21:49:47 | 00,492,629 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2009/11/16 21:49:47 | 00,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2009/11/16 21:49:47 | 00,095,123 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/11/16 21:49:47 | 00,034,248 | ---- | C] () -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2009/11/16 20:08:23 | 60,261,957 | ---- | C] () -- C:\Users\Falcon\Desktop\trip_textures.zip
[2009/11/16 17:12:08 | 21,939,611 | ---- | C] () -- C:\Users\Falcon\Desktop\GoForth_Create.zip
[2009/11/16 15:17:36 | 04,644,900 | ---- | C] () -- C:\Users\Falcon\Desktop\art143pixelvector.zip
[2009/11/14 23:38:28 | 26,178,260 | ---- | C] () -- C:\Users\Falcon\Desktop\667715_91947605.psd
[2009/11/14 18:14:34 | 00,099,816 | ---- | C] () -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media_white.htm
[2009/11/14 18:14:23 | 00,098,412 | ---- | C] () -- C:\Users\Falcon\Desktop\Social Media Network Icons Komodo Media.htm
[2009/11/14 09:59:52 | 00,009,725 | ---- | C] () -- C:\Users\Falcon\Desktop\Chat.zip
[2009/11/14 09:20:25 | 00,027,205 | ---- | C] () -- C:\Users\Falcon\Desktop\chunk.zip
[2009/11/11 11:29:36 | 00,017,920 | ---- | C] () -- C:\Users\Falcon\Desktop\Brian T. Lutz.doc
[2009/11/11 11:18:56 | 00,169,323 | ---- | C] () -- C:\Users\Falcon\Desktop\Brian T. Lutz.pdf
[2009/11/10 23:13:42 | 00,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2009/11/10 23:13:39 | 02,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2009/11/09 00:26:47 | 00,023,040 | ---- | C] () -- C:\Users\Falcon\Desktop\lutz_w5_a3.doc
[2009/11/03 22:07:11 | 09,236,480 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/11/03 22:07:11 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/11/02 01:00:09 | 03,099,022 | -H-- | C] () -- C:\Users\Falcon\AppData\Local\IconCache.db
[2009/10/30 13:58:20 | 00,001,019 | ---- | C] () -- C:\Users\Falcon\Desktop\Director - Shortcut.lnk
[2009/10/28 07:54:50 | 13,426,176 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2009/10/28 07:54:50 | 00,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe
[2009/10/28 07:54:47 | 08,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2009/10/27 12:17:02 | 00,000,880 | ---- | C] () -- C:\Users\Falcon\.recently-used.xbel
[2009/10/26 13:59:51 | 00,000,936 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2009/10/26 12:46:02 | 00,000,604 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk
[2009/10/20 05:13:28 | 02,621,440 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll
[2009/10/20 05:13:28 | 02,424,024 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll
[2009/10/20 05:13:28 | 00,057,560 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe
[2009/10/20 05:13:28 | 00,043,744 | ---- | C] () -- C:\Windows\SysNative\wups2.dll
[2009/10/20 05:13:18 | 00,700,640 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll
[2009/10/20 05:13:18 | 00,098,816 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll
[2009/10/20 05:13:18 | 00,038,112 | ---- | C] () -- C:\Windows\SysNative\wups.dll
[2009/10/20 05:13:14 | 00,185,416 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll
[2009/10/20 05:13:14 | 00,036,864 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe
[2009/10/05 16:26:12 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/05 14:18:08 | 00,353,792 | ---- | C] () -- C:\Windows\SysWow64\pythoncom26.dll
[2009/10/05 14:18:08 | 00,107,520 | ---- | C] () -- C:\Windows\SysWow64\pywintypes26.dll
[2009/08/27 18:24:36 | 00,003,584 | ---- | C] () -- C:\Users\Falcon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/13 23:07:04 | 00,000,346 | ---- | C] () -- C:\Users\Falcon\AppData\Roaming\wklnhst.dat
[2009/08/05 21:56:24 | 00,000,248 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009/07/09 07:10:54 | 00,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/09 07:10:29 | 00,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/08 20:10:32 | 00,002,188 | ---- | C] () -- C:\Users\Falcon\AppData\Local\d3d9caps64.dat
[2009/07/07 20:31:59 | 00,112,400 | ---- | C] () -- C:\Users\Falcon\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/10 05:31:04 | 00,089,088 | ---- | C] () -- C:\Windows\SysWow64\nvimage.dll
[2009/05/12 05:12:27 | 00,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
[2009/05/12 05:07:14 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/05/12 05:07:14 | 00,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/05/12 05:07:11 | 00,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/05/12 05:07:11 | 00,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/05/12 04:56:41 | 00,023,788 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/05/12 04:56:33 | 00,017,480 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 21:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/28 10:22:02 | 00,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2006/11/02 10:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 10:07:25 | 00,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 10:07:25 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,040 | ---- | C] () -- C:\Windows

balefireone · « **Reply #3 on:** November 18, 2009, 12:29:16 AM »

OTL Extras logfile created on: 11/18/2009 12:16:24 AM - Run 1
OTL by OldTimer - Version 3.1.6.0 Folder = C:\Users\Falcon\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 172.10 Gb Free Space | 61.58% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 288.45 Gb Free Space | 70.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FALCON-PC
Current User Name: Falcon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Opera\opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Opera\opera.exe (Opera Software)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[color=\"#E56717\"]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* ()
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 ()
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* ()
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 ()
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 ()
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* ()
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" ()
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 ()
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 ()
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=\"#E56717\"]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

guestolo · « **Reply #4 on:** November 18, 2009, 12:49:05 AM »

I didn't get to see everything I wanted to in that scan
Can you do the below
1. Download [color=\"#0000FF\"]OTS.exe[/color] by OldTimer and save it to your desktop.
2. Right click on OTS.exe and choose to "Run As Administrator"
3. Put a checkmark in the Include 64Bit Scans box
4. Under Additional Scans section, put a check mark next to Reg - Uninstall List. ( you will need to scroll down)
5. Click on the Run Scan button at the top left hand corner.
6. OTS will start running. Once done, Notepad will open. Please post the contents of this Notepad file in your next reply.

balefireone · « **Reply #5 on:** November 18, 2009, 07:51:46 AM »

OTS logfile created on: 11/18/2009 7:47:07 AM - Run 1
OTS by OldTimer - Version 3.1.6.0 Folder = C:\Users\Falcon\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.99 Gb Available Physical Memory | 99.83% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.46 Gb Total Space | 172.18 Gb Free Space | 61.61% Space Free | Partition Type: NTFS
Drive D: | 409.17 Gb Total Space | 288.45 Gb Free Space | 70.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FALCON-PC
Current User Name: Falcon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Falcon\Desktop\OTS.exe -> [2009/11/18 07:45:50 | 00,526,848 | ---- | M] (OldTimer Tools)
ots.exe -> C:\Users\Falcon\Desktop\OTS.exe -> [2009/11/18 07:45:50 | 00,526,848 | ---- | M] (OldTimer Tools)
ots.exe -> C:\Users\Falcon\Desktop\OTS.exe -> [2009/11/18 07:45:50 | 00,526,848 | ---- | M] (OldTimer Tools)
avgtray.exe -> C:\AVG9\avgtray.exe -> [2009/11/16 21:49:41 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\AVG9\avgwdsvc.exe -> [2009/11/16 21:49:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.)
chrome.exe -> C:\Users\Falcon\AppData\Local\Google\Chrome\Application\chrome.exe -> [2009/11/11 18:11:40 | 00,921,072 | ---- | M] (Google Inc.)
chrome.exe -> C:\Users\Falcon\AppData\Local\Google\Chrome\Application\chrome.exe -> [2009/11/11 18:11:40 | 00,921,072 | ---- | M] (Google Inc.)
chrome.exe -> C:\Users\Falcon\AppData\Local\Google\Chrome\Application\chrome.exe -> [2009/11/11 18:11:40 | 00,921,072 | ---- | M] (Google Inc.)
googlecrashhandler.exe -> C:\Users\Falcon\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe -> [2009/10/31 08:58:33 | 00,136,176 | ---- | M] (Google Inc.)
ituneshelper.exe -> C:\iTunes\iTunesHelper.exe -> [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.)
ituneshelper.exe -> C:\iTunes\iTunesHelper.exe -> [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.)
ccsvchst.exe -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
ccsvchst.exe -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
mysqld.exe -> C:\x\xampp\mysql\bin\mysqld.exe -> [2009/08/05 23:00:00 | 05,497,856 | ---- | M] ()
httpd.exe -> C:\x\xampp\apache\bin\httpd.exe -> [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation)
httpd.exe -> C:\x\xampp\apache\bin\httpd.exe -> [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation)
httpd.exe -> C:\x\xampp\apache\bin\httpd.exe -> [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation)
httpd.exe -> C:\x\xampp\apache\bin\httpd.exe -> [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation)
jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
nvscpapisvr.exe -> C:\Windows\SysWOW64\nvSCPAPISvr.exe -> [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation)
nvscpapisvr.exe -> C:\Windows\SysWOW64\nvSCPAPISvr.exe -> [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation)
applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.)
seaport.exe -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation)
soffice.bin -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin -> [2009/04/23 05:29:18 | 07,418,368 | ---- | M] (OpenOffice.org)
soffice.bin -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin -> [2009/04/23 05:29:18 | 07,418,368 | ---- | M] (OpenOffice.org)
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe -> [2009/04/23 05:29:14 | 07,424,000 | ---- | M] (OpenOffice.org)
fourengine.exe -> C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe -> [2009/03/31 03:37:40 | 05,748,736 | ---- | M] ()
fourengine.exe -> C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe -> [2009/03/31 03:37:40 | 05,748,736 | ---- | M] ()
fourengine.exe -> C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe -> [2009/03/31 03:37:40 | 05,748,736 | ---- | M] ()
fourengine.exe -> C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe -> [2009/03/31 03:37:40 | 05,748,736 | ---- | M] ()
aacenter.exe -> C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe -> [2008/12/17 01:35:36 | 00,621,568 | R--- | M] ()
aacenter.exe -> C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe -> [2008/12/17 01:35:36 | 00,621,568 | R--- | M] ()
aacenter.exe -> C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe -> [2008/12/17 01:35:36 | 00,621,568 | R--- | M] ()
mdnsresponder.exe -> C:\Program Files (x86)\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
acrobat_sl.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe -> [2008/06/12 01:25:18 | 00,037,232 | ---- | M] (Adobe Systems Incorporated)
acrotray.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe -> [2008/06/11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.)
acrotray.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe -> [2008/06/11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.)
acrotray.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe -> [2008/06/11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.)
wzqkpick.exe -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE -> [2008/02/12 05:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.)
wzqkpick.exe -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE -> [2008/02/12 05:10:00 | 00,394,856 | R--- | M] (WinZip Computing, S.L.)
reader_sl.exe -> C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe -> [2007/10/10 13:51:56 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
webcam10.exe -> C:\WebCam10.exe -> [2007/03/06 16:58:16 | 01,060,376 | ---- | M] ()
lvcomsx.exe -> C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe -> [2007/03/06 16:51:26 | 00,252,704 | ---- | M] (Labtec Inc.)
lvcomsx.exe -> C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe -> [2007/03/06 16:51:26 | 00,252,704 | ---- | M] (Labtec Inc.)
communications_helper.exe -> C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe -> [2007/03/06 16:48:46 | 00,488,984 | ---- | M] (Labtec Inc,)
viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)
viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)
viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)

[Modules - Safe List]
ots.exe -> C:\Users\Falcon\Desktop\OTS.exe -> [2009/11/18 07:45:50 | 00,526,848 | ---- | M] (OldTimer Tools)
atl.dll -> C:\Windows\SysWOW64\atl.dll -> [2009/07/17 09:35:11 | 00,071,680 | ---- | M] (Microsoft Corporation)
srclient.dll -> C:\Windows\SysWOW64\srclient.dll -> [2008/02/29 01:53:38 | 00,040,960 | ---- | M] (Microsoft Corporation)
spp.dll -> C:\Windows\SysWOW64\spp.dll -> [2008/01/20 21:52:09 | 00,142,336 | ---- | M] (Microsoft Corporation)
xmllite.dll -> C:\Windows\SysWOW64\xmllite.dll -> [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation)
vssapi.dll -> C:\Windows\SysWOW64\vssapi.dll -> [2008/01/20 21:49:43 | 01,076,224 | ---- | M] (Microsoft Corporation)
vsstrace.dll -> C:\Windows\SysWOW64\vsstrace.dll -> [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation)
authz.dll -> C:\Windows\SysWOW64\authz.dll -> [2008/01/20 21:49:32 | 00,079,360 | ---- | M] (Microsoft Corporation)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll -> [2008/01/20 21:48:06 | 01,684,480 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(iPod Service) [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/09/21 15:36:16 | 00,660,256 | ---- | M] (Apple Inc.)
64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/07/15 01:14:38 | 00,202,752 | ---- | M] ()
64bit-(FLEXnet Licensing Service 64) [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -> [2009/07/08 10:27:48 | 01,038,088 | ---- | M] (Acresso Software Inc.)
64bit-(WMPNetworkSvc) [On_Demand | Running] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation)
64bit-(LVSrvLauncher) [Auto | Stopped] -> C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -> [2007/03/06 16:53:08 | 00,173,344 | ---- | M] (Labtec Inc.)
(avg9wd) AVG Free WatchDog [Auto | Running] -> C:\AVG9\avgwdsvc.exe -> [2009/11/16 21:49:37 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2009/09/30 07:50:28 | 00,316,664 | ---- | M] (Valve Corporation)
(N360) Norton 360 [Auto | Running] -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -> [2009/08/22 03:26:07 | 00,117,640 | R--- | M] (Symantec Corporation)
(MySQL) MySQL [Auto | Running] -> C:\x\xampp\mysql\bin\mysqld.exe -> [2009/08/05 23:00:00 | 05,497,856 | ---- | M] ()
(Apache2.2) Apache2.2 [Auto | Running] -> C:\x\xampp\apache\bin\httpd.exe -> [2009/08/05 23:00:00 | 00,024,640 | ---- | M] (Apache Software Foundation)
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2009/07/08 10:26:41 | 00,655,624 | ---- | M] (Acresso Software Inc.)
(Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Windows\SysWOW64\nvSCPAPISvr.exe -> [2009/06/10 05:33:00 | 00,232,960 | ---- | M] (NVIDIA Corporation)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.)
(SeaPort) SeaPort [Auto | Running] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation)
(Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files (x86)\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.)
(fsssvc) Windows Live Family Safety [On_Demand | Stopped] -> C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -> [2008/12/08 16:01:58 | 00,533,344 | ---- | M] (Microsoft Corporation)
(Adobe Version Cue CS4) Adobe Version Cue CS4 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -> [2008/08/15 04:46:20 | 00,284,016 | ---- | M] (Adobe Systems Incorporated)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation)
(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2008/07/27 13:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -> [2008/06/19 20:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation)
(idsvc) Windows CardSpace [Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -> [2008/06/19 20:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation)
(ehRecvr) Windows Media Center Receiver Service [On_Demand | Stopped] -> C:\Windows\ehome\ehrecvr.exe -> [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation)
(ehSched) Windows Media Center Scheduler Service [On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation)
(Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)
(ehstart) Windows Media Center Service Launcher [Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation)
(MSDTC) Distributed Transaction Coordinator [Unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2006/11/02 08:34:14 | 00,000,000 | ---D | M]
(vds) Virtual Disk [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 01:35:15 | 00,060,994 | ---- | M] ()
(VSS) Volume Shadow Copy [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vss.mof -> [2006/11/02 01:35:15 | 00,055,846 | ---- | M] ()

[Driver Services - Safe List]
64bit-(AvgLdx64) AVG Free AVI Loader Driver x64 [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgldx64.sys -> [2009/11/16 21:49:55 | 00,422,920 | ---- | M] ()
64bit-(AvgMfx64) AVG Free On-access Scanner Minifilter Driver x64 [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgmfx64.sys -> [2009/11/16 21:49:47 | 00,034,248 | ---- | M] ()
64bit-(ccHP) Symantec Hash Provider [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\ccHPx64.sys -> [2009/08/22 03:26:08 | 00,583,296 | ---- | M] ()
64bit-(SRTSP) Symantec Real Time Storage Protection x64 [File_System | On_Demand | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SRTSP64.SYS -> [2009/08/22 03:26:08 | 00,476,720 | ---- | M] ()
64bit-(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\SysNative\drivers\N360x64\0305020.00B\SYMEFA64.SYS -> [2009/08/22 03:26:08 | 00,402,992 | ---- | M] ()
64bit-(BHDrvx64) Symantec Heuristics Driver [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\BHDrvx64.sys -> [2009/08/22 03:26:08 | 00,334,384 | ---- | M] ()
64bit-(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMTDI.SYS -> [2009/08/22 03:26:08 | 00,278,576 | ---- | M] ()
64bit-(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMFW.SYS -> [2009/08/22 03:26:08 | 00,120,880 | ---- | M] ()
64bit-(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMNDISV.SYS -> [2009/08/22 03:26:08 | 00,056,880 | ---- | M] ()
64bit-(SRTSPX) Symantec Real Time Storage Protection (PEL) x64 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\N360x64\0305020.00B\SRTSPX64.SYS -> [2009/08/22 03:26:08 | 00,032,304 | ---- | M] ()
64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -> [2009/08/20 07:56:20 | 00,172,592 | ---- | M] ()
64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -> [2009/08/20 07:55:56 | 00,034,152 | R--- | M] ()
64bit-(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\DRIVERS\SymIMv.sys -> [2009/08/18 14:21:16 | 00,031,280 | R--- | M] ()
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\atikmdag.sys -> [2009/07/15 03:23:30 | 06,096,896 | ---- | M] ()
64bit-(USBAAPL64) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\usbaapl64.sys -> [2009/06/05 10:42:38 | 00,048,640 | ---- | M] ()
64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2009/01/20 09:49:48 | 00,195,584 | ---- | M] ()
64bit-(netr28x) Ralink 802.11n Wireless Driver for Windows Vista [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\netr28x.sys -> [2009/01/19 16:41:48 | 00,609,280 | ---- | M] ()
64bit-(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\fssfltr.sys -> [2008/12/08 16:35:52 | 00,061,792 | ---- | M] ()
64bit-(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\adfs.sys -> [2008/06/27 06:51:10 | 00,088,632 | ---- | M] ()
64bit-(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\wpdusb.sys -> [2008/01/20 21:47:28 | 00,046,080 | ---- | M] ()
64bit-(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaudio.sys -> [2008/01/20 21:47:04 | 00,098,816 | ---- | M] ()
64bit-(LVUSBS64) Logitech USB Monitor Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\LVUSBS64.sys -> [2007/03/06 16:52:46 | 00,058,400 | ---- | M] ()
64bit-(LVMVDrv) Logitech Machine Vision Engine Loader [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\LVMVDrv.sys -> [2007/03/06 16:50:30 | 02,496,928 | ---- | M] ()
64bit-(LVcKap64) Logitech AEC Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\LVcKap64.sys -> [2007/03/06 16:48:58 | 01,029,024 | ---- | M] ()
64bit-(PID_PEPI) Logitech QuickCam IM(PID_PEPI) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\LV302V64.SYS -> [2007/03/06 16:48:02 | 01,160,864 | ---- | M] ()
64bit-(lvpepf64) Volume Adapter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\lv302a64.sys -> [2007/03/06 16:47:50 | 00,016,160 | ---- | M] ()
64bit-(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2006/11/02 00:28:10 | 00,273,920 | ---- | M] ()
64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\ASACPI.sys -> [2006/10/31 18:23:42 | 00,015,680 | ---- | M] ()
64bit-(ialm) ialm [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\igdkmd64.sys -> [2006/10/18 21:09:19 | 01,930,176 | ---- | M] ()
(IDSVia64) IDSVia64 [Kernel | System | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091111.001\IDSviA64.sys -> [2009/10/28 17:37:21 | 00,466,992 | ---- | M] (Symantec Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -> [2009/08/26 03:00:00 | 00,475,696 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/08/26 03:00:00 | 00,132,656 | ---- | M] (Symantec Corporation)
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091117.020\EX64.SYS -> [2009/08/25 03:00:00 | 01,742,896 | ---- | M] (Symantec Corporation)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091117.020\ENG64.SYS -> [2009/08/25 03:00:00 | 00,116,272 | ---- | M] (Symantec Corporation)
(X4HSX32) X4HSX32 [Kernel | Auto | Stopped] -> C:\Program Files (x86)\GameTap Web Player\bin\release\X4HSX32.sys -> [2009/05/05 16:26:54 | 00,024,576 | ---- | M] (Exent Technologies Ltd.)
(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysWOW64\drivers\adfs.sys -> [2008/08/14 06:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.)
(ASInsHelp) ASInsHelp [Kernel | Auto | Running] -> C:\Windows\SysWOW64\drivers\AsInsHelp64.sys -> [2008/01/04 07:34:48 | 00,011,832 | ---- | M] ()
(AsIO) AsIO [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\AsIO.sys -> [2007/12/17 12:14:14 | 00,014,392 | R--- | M] ()
(Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 16:36:40 | 00,003,066 | ---- | M] ()
(mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 16:35:23 | 00,001,088 | ---- | M] ()

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Default_Secondary_Page_URL" -> http://www.asus.com [binary data] ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_CURRENT_USER\: Main\\"Secondary Start Pages" -> http://www.asus.com [binary data] ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 03 89 C3 B6 1D 66 CA 01 [binary data] ->
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> 1 ->
HKEY_CURRENT_USER\: URLSearchHooks\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2008/07/28 05:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\Falcon\AppData\Roaming\Mozilla\FireFox\Profiles\vxmg6rlp.default\prefs.js ->
extensions.enabledItems -> [email protected]:1.4.5 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 ->
extensions.enabledItems -> {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7 ->
extensions.enabledItems -> {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.5 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/07/08 17:59:43 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components -> C:\Mozilla Firefox\components [C:\MOZILLA FIREFOX\COMPONENTS] -> [2009/11/09 12:30:20 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins -> C:\Mozilla Firefox\plugins [C:\MOZILLA FIREFOX\PLUGINS] -> [2009/11/09 12:30:23 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Extensions -> [2009/07/08 10:03:21 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2009/07/08 10:03:21 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions -> [2009/11/17 14:54:49 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/07/13 15:23:51 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} -> [2009/10/27 14:59:20 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\DefaultManager@Microsoft -> [2009/09/09 14:41:40 | 00,000,000 | ---D | M]
-> C:\Users\Falcon\AppData\Roaming\Mozilla\Firefox\Profiles\vxmg6rlp.default\extensions\[email protected] -> [2009/11/05 19:19:06 | 00,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\Mozilla Firefox\extensions -> [2009/11/18 07:42:38 | 00,000,000 | ---D | M]
-> C:\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/11/09 12:30:21 | 00,000,000 | ---D | M]
-> C:\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/07/17 11:04:58 | 00,000,000 | ---D | M]
-> C:\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} -> [2009/08/29 08:13:38 | 00,000,000 | ---D | M]
< FireFox Components [Program Folders] > ->
browserdirprovider.dll -> C:\Mozilla Firefox\components\browserdirprovider.dll -> [2009/11/09 12:30:04 | 00,023,512 | ---- | M] (Mozilla Foundation)
brwsrcmp.dll -> C:\Mozilla Firefox\components\brwsrcmp.dll -> [2009/11/09 12:30:05 | 00,137,176 | ---- | M] (Mozilla Foundation)
coFFPlgn.dll -> C:\Mozilla Firefox\components\coFFPlgn.dll -> [2008/06/30 12:44:08 | 00,324,976 | ---- | M] (Symantec Corporation)
< HOSTS File > (761 bytes and 20 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} [HKLM] -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [Windows Live Family Safety Browser Helper Class] -> [2008/12/08 16:35:52 | 00,068,960 | ---- | M] (Microsoft Corporation)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2008/07/28 05:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2008/06/11 21:33:22 | 00,061,816 | ---- | M] (Adobe Systems Incorporated)
{074C1DC5-9320-4A9A-947D-C042949C6216} [HKLM] -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [ContributeBHO Class] -> [2008/09/10 00:07:52 | 00,136,560 | ---- | M] ()
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2008/06/11 21:33:16 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/08/04 14:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll [Symantec NCO BHO] -> [2009/08/22 03:26:05 | 00,378,736 | R--- | M] (Symantec Corporation)
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/08/22 03:26:06 | 00,107,896 | R--- | M] (Symantec Corporation)
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 10:36:18 | 00,137,600 | ---- | M] (Microsoft Corporation)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 15:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation)
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} [HKLM] -> C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll [MSN Toolbar Helper] -> [2009/02/09 20:33:14 | 00,082,768 | ---- | M] (Microsoft Corp.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/07/25 04:23:03 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2008/12/08 16:01:58 | 01,067,352 | ---- | M] (Microsoft Corporation)
{F4971EE7-DAA0-4053-9964-665D8EE6A077} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [SmartSelect Class] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [SingleInstance Class] -> [2008/07/28 05:47:42 | 00,160,496 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"" [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
"{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414}" [HKLM] -> C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll [MSN Toolbar] -> [2009/02/09 20:33:14 | 00,082,768 | ---- | M] (Microsoft Corp.)
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2008/12/08 16:01:58 | 01,067,352 | ---- | M] (Microsoft Corporation)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" [HKLM] -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [Contribute Toolbar] -> [2008/09/10 00:07:52 | 00,136,560 | ---- | M] ()
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll [Norton Toolbar] -> [2009/08/22 03:26:05 | 00,378,736 | R--- | M] (Symantec Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2008/07/28 05:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2008/12/08 16:01:58 | 01,067,352 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
WebBrowser\\"{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll [Norton Toolbar] -> [2009/08/22 03:26:05 | 00,378,736 | R--- | M] (Symantec Corporation)
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"NvCplDaemon" -> C:\Windows\SysNative\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2009/06/10 08:38:54 | 16,315,424 | ---- | M] ()
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/02/03 12:36:10 | 06,975,520 | ---- | M] (Realtek Semiconductor)
"SKDaemon.exe" -> C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe [C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe] -> [2009/02/27 13:09:32 | 00,318,464 | ---- | M] ()
"Skytel" -> C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/02/03 12:36:52 | 01,833,504 | ---- | M] (Realtek Semiconductor Corp.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 21:47:32 | 01,584,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
"Acrobat Assistant 8.0" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"] -> [2008/06/11 21:43:26 | 00,640,376 | ---- | M] (Adobe Systems Inc.)
"Adobe Acrobat Speed Launcher" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"] -> [2008/06/12 01:25:18 | 00,037,232 | ---- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2007/10/10 13:51:56 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"Adobe_ID0ENQBO" -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE] -> [2008/08/15 04:46:20 | 00,378,224 | ---- | M] (Adobe Systems Incorporated)
"AdobeCS4ServiceManager" -> C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ["C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin] -> [2008/08/14 06:58:34 | 00,611,712 | ---- | M] (Adobe Systems Incorporated)
"ATICustomerCare" -> C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe ["C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"] -> [2008/05/02 10:59:12 | 00,307,200 | ---- | M] (Advanced Micro Devices, Inc.)
"AVG9_TRAY" -> C:\AVG9\avgtray.exe [C:\AVG9\avgtray.exe] -> [2009/11/16 21:49:41 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.)
"iTunesHelper" -> C:\iTunes\iTunesHelper.exe ["C:\iTunes\iTunesHelper.exe"] -> [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.)
"LogitechCommunicationsManager" -> C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ["C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"] -> [2007/03/06 16:48:46 | 00,488,984 | ---- | M] (Labtec Inc,)
"LogitechQuickCamRibbon" -> C:\WebCam10.exe ["C:\WebCam10.exe" /hide] -> [2007/03/06 16:58:16 | 01,060,376 | ---- | M] ()
"Microsoft Default Manager" -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe ["C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume] -> [2009/02/03 12:05:02 | 00,233,304 | ---- | M] (Microsoft Corp.)
"QuickTime Task" -> C:\Program Files (x86)\QuickTime\QTTask.exe ["C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime] -> [2009/09/05 00:54:42 | 00,417,792 | ---- | M] (Apple Inc.)
"StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/05/20 15:24:56 | 00,098,304 | ---- | M] (Advanced Micro Devices, Inc.)
"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AdobeBridge" -> [] -> File not found
"ehTray.exe" -> C:\Windows\ehome\ehtray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/20 21:51:33 | 00,138,240 | ---- | M] (Microsoft Corporation)
"Google Update" -> C:\Users\Falcon\AppData\Local\Google\Update\GoogleUpdate.exe ["C:\Users\Falcon\AppData\Local\Google\Update\GoogleUpdate.exe" /c] -> [2009/07/07 20:53:42 | 00,133,104 | ---- | M] (Google Inc.)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
\\"ForceActiveDesktopOn" ->

-> File not found

< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [2] -> File not found
\\"ConsentPromptBehaviorUser" -> [1] -> File not found
\\"EnableInstallerDetection" -> [1] -> File not found
\\"EnableLUA" -> [1] -> File not found
\\"EnableSecureUIAPaths" -> [1] -> File not found
\\"EnableVirtualization" -> [1] -> File not found
\\"PromptOnSecureDesktop" -> [1] -> File not found
\\"ValidateAdminCodeSignatures" ->

-> File not found

\\"dontdisplaylastusername" ->

-> File not found

\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"scforceoption" ->

-> File not found

\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"FilterAdministratorToken" ->

-> File not found

\\"EnableUIADesktopToggle" ->

-> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found
< 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 21:42:44 | 00,345,480 | ---- | M] (Adobe Systems Incorporated)
E&xport to Microsoft Excel -> C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE [res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2008/12/02 21:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2008/12/02 21:27:36 | 00,187,224 | ---- | M] (Microsoft Corporation)
{5067A26B-1337-4436-8AFE-EE169C2DA79F}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Menu: Skype add-on for Internet Explorer] -> [2009/08/04 14:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.)
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/08/04 14:47:42 | 01,586,472 | ---- | M] (Skype Technologies S.A.)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"ButtonText" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"ButtonText" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Default Visible" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Default Visible" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Exec" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Exec" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"HotIcon" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"HotIcon" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Icon" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"Icon" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"MenuStatusBar" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"MenuStatusBar" [HKLM] -> [Reg Error: Key error.] -> File not found
64bit-{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"MenuText" [HKLM] -> [Reg Error: Key error.] -> File not found
{13C1DBF6-7535-495c-91F6-8C13714ED485}\\"MenuText" [HKLM] -> [Reg Error: Key error.] -> File not found
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_15] ->
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_15] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_15] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [Shockwave Flash Object] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{446CB55F-95A4-420F-8427-9FFC172D2E56}\\DhcpNameServer -> 192.168.1.1 (Realtek RTL8168B/8111B/8112 Family PCI-E GBE NIC) ->
< 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
avgrssta.dll -> C:\Windows\SysNative\avgrssta.dll -> [2009/11/16 21:49:59 | 00,012,464 | ---- | M] ()
*MultiFile Done* -> ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2008/10/29 01:49:22 | 03,080,704 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2008/10/29 01:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
< Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
64bit-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
\List\\"C:\BitTorrent\bittorrent.exe" -> C:\BitTorrent\bittorrent.exe [C:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2009/11/13 10:21:43 | 00,654,128 | ---- | M] (BitTorrent, Inc.)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{06401FF8-EDD3-488E-8059-4CBA0C8A0B60} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | [email protected],-28515 | app=system |
{09BDDF90-8748-4B1D-9212-1F1CA1D8FFE8} -> rport=2869 | profile=domain | protocol=6 | dir=out | action=allow | [email protected],-152 | app=system |
{1096E201-87BD-45B9-ABA9-E9D3F7D29328} -> lport=138 | profile=private | pro

guestolo · « **Reply #6 on:** November 18, 2009, 10:03:48 AM »

Can you backup any data your concerned about
However, this next step shouldn't remove any of them, just for safety

We should test your drive
I noticed you have Norton 360 and AVG9 installed
Having 2 AntiVirus software installed can conflict and cause system instabilities

For now, can you uninstall AVG if it's the free edition
Reboot the computer afterwards

Can you check if you have a Restore point before this started happening
But let's try it with the DVD
Here the instructions:
http://vistahomepremium.windowsreinstall.c...stemrestore.htm

If you do have a restore point before this happened
Choose it

I'll check back later, I'm off to work

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

balefireone · « **Reply #7 on:** November 18, 2009, 12:34:17 PM »

Thanks so much for your help. The drive is not reading the boot disc, so I guess I'll replace the hardware, then
get back to you and let you know what happens.

Really appreciate the help!

Brian

TheTechGuide Forum

News:

Author Topic: IDE/SATA DVD-R/W Problem (Read 1224 times)

balefireone

IDE/SATA DVD-R/W Problem

guestolo

IDE/SATA DVD-R/W Problem

balefireone

IDE/SATA DVD-R/W Problem

balefireone

IDE/SATA DVD-R/W Problem

guestolo

IDE/SATA DVD-R/W Problem

balefireone

IDE/SATA DVD-R/W Problem

guestolo

IDE/SATA DVD-R/W Problem

balefireone

IDE/SATA DVD-R/W Problem