(anything) is not a valid Win32 application (2) added dds



csky86
2010-09-22, 20:23
Hi everyone, it seems my PC has a problem... I wonder if you guys can help me with that.
Here's the problem: any application I try to open by double-clicking gives me "C:\program files\....\XXXX.exe is not a valid Win32 application", and I have to right-click and run as administrator for it to execute properly. Well, I was fine with that for 2 days or so, but today, when the new StarCraft 2 patch came out, it seems that even with the right-click run as administrator it won't execute properly: it just opens and then closes without updating. It stays open for around 2-3 seconds.
I did a scan with HijackThis as was suggested to me; here it is. You guys might be able to tell what it is about. I really don't want to format :|

My PC is x64.



DDS (Ver_10-03-17.01) - NTFSX64 DSREPAIR
Run by CrimsonSky at 20:20:37.32 on Wed 09/22/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2985 [GMT 3:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtblfs.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\CrimsonSky\Desktop\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm
mWinlogon: Userinit=userinit.exe
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\ievkbd.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
uRun: [Steam] "c:\program files (x86)\steam\Steam.exe" -silent
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Kone] "c:\program files (x86)\roccat\kone mouse\KoneHID.EXE"
mRun: [SoundMAXPnP] c:\program files (x86)\analog devices\core\smax4pnp.exe
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
mRun: [AVP] "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\avp.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: {D697D1E0-F6AF-4074-86A5-33E488C8B310} = 192.168.123.1
AppInit_DLLs: c:\progra~2\kasper~1\kasper~1\mzvkbd3.dll
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\x64\klwtbbho.dll
BHO-X64: link filter bho - No File
mRun-x64: [SoundMAX] c:\program files (x86)\analog devices\soundmax\soundmax.exe /tray

================= FIREFOX ===================

FF - ProfilePath - c:\users\crimso~1\appdata\roaming\mozilla\firefox\profiles\zmiqjktq.default\
FF - component: c:\program files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-4-22 27736]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2011\avp.exe [2010-7-1 352976]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-7-10 248936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2010-8-28 1403200]
R3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2010-9-16 15488]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2009-6-10 187392]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2010-2-25 11856]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-5-20 393728]
S2 !SASCORE;SAS Core Service;"c:\program files\superantispyware\sascore64.exe" --> c:\program files\superantispyware\SASCORE64.EXE [?]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 22544]
S3 SwitchBoard;SwitchBoard;c:\program files (x86)\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

============== File Associations ===============

exefile=c:\windows\svchost.com "%1" %*

=============== Created Last 30 ================

2010-09-22 14:16:26 149773 ----a-w- c:\windows\system32\drivers\klin.dat
2010-09-22 14:16:26 106765 ----a-w- c:\windows\system32\drivers\klick.dat
2010-09-22 14:15:23 0 d-----w- c:\program files (x86)\Kaspersky Lab
2010-09-22 14:15:22 0 d-----w- c:\programdata\Kaspersky Lab
2010-09-22 13:40:54 0 d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-09-22 13:17:41 0 d-----w- c:\programdata\Blizzard Entertainment
2010-09-22 13:17:41 0 d-----w- c:\program files (x86)\StarCraft II
2010-09-22 11:57:37 0 d-----w- c:\programdata\!SASCORE
2010-09-22 11:11:27 0 --sha-w- C:\ntuser.dat.LOG2
2010-09-22 11:11:27 0 --sha-w- C:\ntuser.dat.LOG1
2010-09-22 11:11:27 0 ----a-w- C:\ntuser.dat
2010-09-21 20:02:12 0 d-----w- c:\programdata\Sun
2010-09-21 20:02:00 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-09-21 20:02:00 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-09-21 20:02:00 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-09-21 20:02:00 145184 ----a-w- c:\windows\syswow64\java.exe
2010-09-20 20:23:05 35 ----a-w- c:\windows\directx.sys
2010-09-20 20:22:56 0 ----a-w- c:\windows\svchost.com
2010-09-20 10:54:07 0 d-----w- c:\program files (x86)\Valve
2010-09-19 10:50:43 0 d-----w- c:\windows\pss
2010-09-19 09:04:20 355990955 ----a-w- c:\windows\MEMORY.DMP
2010-09-16 22:06:00 0 d-----w- c:\users\crimso~1\appdata\roaming\YouTube HD Transfer
2010-09-16 22:05:56 609824 ----a-w- c:\windows\syswow64\COMCTL32.OCX
2010-09-16 22:05:56 212240 ----a-w- c:\windows\syswow64\richtx32.ocx
2010-09-16 22:05:56 124688 ----a-w- c:\windows\syswow64\MSWINSCK.OCX
2010-09-16 22:05:56 0 d-----w- c:\program files (x86)\YouTube HD Transfer
2010-09-16 13:46:12 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2010-09-16 13:19:41 83888 ----a-w- c:\windows\War3Unin.dat
2010-09-16 13:19:41 2829 ----a-w- c:\windows\War3Unin.pif
2010-09-16 13:19:41 139264 ----a-w- c:\windows\War3Unin.exe
2010-09-16 13:19:03 0 d-----w- c:\program files (x86)\Garena
2010-09-16 13:14:14 0 d-----w- c:\windows\system32\appmgmt
2010-09-16 08:44:12 0 d-----w- c:\windows\Panther
2010-09-16 08:44:00 8192 --sha-r- C:\BOOTSECT.BAK
2010-09-16 08:43:59 383562 --sh--r- C:\bootmgr
2010-09-16 08:43:59 0 d-sh--w- C:\Boot
2010-09-16 07:52:53 171136 --sha-r- C:\w7ldr
2010-09-16 07:52:08 0 d-sh--w- C:\Recovery
2010-09-16 02:26:55 0 d-----w- c:\programdata\regid.1986-12.com.adobe
2010-09-16 02:22:59 0 d-----w- c:\program files\Adobe
2010-09-16 02:22:10 0 d-----w- c:\program files\common files\Adobe
2010-09-16 01:49:51 0 d-----w- c:\programdata\Adobe
2010-09-16 01:43:37 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment
2010-09-16 01:38:00 0 d-----w- c:\programdata\Yahoo!
2010-09-16 01:37:23 0 d-----w- c:\program files (x86)\Yahoo!
2010-09-16 01:25:34 0 d-----w- c:\programdata\Creative
2010-09-16 01:08:49 4174814 ------w- c:\windows\syswow64\CT4MGM.SF2
2010-09-16 01:08:49 4174814 ------w- c:\windows\system32\CT4MGM.SF2
2010-09-16 01:08:49 2167684 ------w- c:\windows\syswow64\CT2MGM.SF2
2010-09-16 01:08:49 2167684 ------w- c:\windows\system32\CT2MGM.SF2
2010-09-16 01:08:30 11264 ----a-w- c:\windows\syswow64\INRES.DLL
2010-09-16 01:08:30 10752 ----a-w- c:\windows\system32\INRES.DLL
2010-09-16 01:08:29 1892352 ------w- c:\windows\system32\Sens_oal.dll
2010-09-16 01:08:29 1544192 ------w- c:\windows\syswow64\Sens_oal.dll
2010-09-16 01:08:17 83456 ------w- c:\windows\system32\CmdRtr64.dll
2010-09-16 01:08:17 69120 ------w- c:\windows\syswow64\CmdRtr.dll
2010-09-16 01:08:17 139264 ------w- c:\windows\system32\APOMgr64.dll
2010-09-16 01:08:17 108544 ------w- c:\windows\syswow64\APOMngr.dll
2010-09-16 01:04:56 2868224 ----a-w- c:\windows\explorer_edit_w7sbc.exe
2010-09-16 01:04:56 2868224 ----a-w- c:\windows\explorer_backup_w7sbc.exe
2010-09-16 01:04:56 2385408 ----a-w- c:\windows\explorer.exe
2010-09-16 01:04:56 0 d-----w- c:\windows\W7SBC
2010-09-16 00:51:56 0 d-----w- c:\program files (x86)\OpenAL
2010-09-16 00:41:41 102400 ----a-w- c:\windows\temp.000
2010-09-16 00:13:41 15416 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2010-09-16 00:13:09 0 d-----w- c:\program files (x86)\Marvell
2010-09-16 00:12:51 315904 ----a-w- c:\windows\syswow64\Difx464.rra
2010-09-16 00:12:51 1970176 ----a-w- c:\windows\syswow64\xRaidSetup.exe
2010-09-16 00:12:51 151552 ----a-w- c:\windows\syswow64\xRaidAPI.dll
2010-09-16 00:12:46 0 d-----w- c:\windows\RaidTool
2010-09-16 00:12:29 109480 ----a-w- c:\windows\system32\drivers\jraid.sys
2010-09-16 00:12:01 53248 ----a-w- c:\windows\syswow64\CSVer.dll
2010-09-16 00:11:32 0 d-----w- C:\Intel
2010-09-16 00:10:50 1769 ----a-w- c:\windows\Language_trs.ini
2010-09-16 00:10:04 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-16 00:10:04 413696 ----a-w- c:\windows\syswow64\wrap_oal.dll
2010-09-16 00:10:04 1828352 ------w- c:\windows\system32\adi_oal.dll
2010-09-16 00:10:04 1503232 ------w- c:\windows\syswow64\adi_oal.dll
2010-09-16 00:10:04 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-16 00:10:04 110592 ----a-w- c:\windows\syswow64\OpenAL32.dll
2010-09-16 00:10:04 0 d-----w- c:\program files (x86)\Creative
2010-09-16 00:09:48 0 d-----w- c:\programdata\SonicFocus
2010-09-16 00:09:43 0 d-----w- c:\program files (x86)\Analog Devices
2010-09-15 23:54:59 0 d-----w- c:\program files (x86)\common files\Steam
2010-09-15 23:54:58 0 d-----w- c:\program files (x86)\Steam
2010-09-15 23:51:27 0 d-----w- c:\windows\syswow64\Macromed
2010-09-15 23:44:23 0 d-----w- c:\users\crimso~1\appdata\roaming\BSplayer PRO
2010-09-15 23:44:22 0 d-----w- c:\program files (x86)\Webteh
2010-09-15 23:39:19 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
2010-09-15 23:39:19 0 d-----w- c:\program files (x86)\PowerISO
2010-09-15 23:38:23 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-15 23:38:22 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2010-09-15 23:38:22 30016 ----a-w- c:\windows\syswow64\uxtuneup.dll
2010-09-15 23:38:22 25920 ----a-w- c:\windows\system32\authuitu.dll
2010-09-15 23:38:22 21312 ----a-w- c:\windows\syswow64\authuitu.dll
2010-09-15 23:38:16 0 d-----w- c:\users\crimso~1\appdata\roaming\TuneUp Software
2010-09-15 23:38:14 0 d-----w- c:\program files (x86)\TuneUp Utilities 2010
2010-09-15 23:38:01 0 d-----w- c:\programdata\TuneUp Software
2010-09-15 23:37:58 0 d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-15 23:22:05 0 d-----w- c:\users\crimso~1\appdata\roaming\ROCCAT
2010-09-15 23:18:28 0 d-----w- c:\program files (x86)\Winamp Detect
2010-09-15 23:17:50 206312 --sh--r- C:\XELDZ
2010-09-15 23:14:44 2414360 ----a-w- c:\windows\syswow64\d3dx9_31.dll
2010-09-15 23:14:44 1892184 ----a-w- c:\windows\syswow64\D3DX9_42.dll
2010-09-15 23:14:29 0 d-----w- c:\program files (x86)\common files\PX Storage Engine
2010-09-15 23:11:52 0 d-----w- c:\programdata\ROCCAT
2010-09-15 23:11:48 15488 ----a-w- c:\windows\system32\drivers\Kone.sys
2010-09-15 23:11:48 0 d-----w- c:\program files (x86)\ROCCAT
2010-09-15 23:07:21 0 d-----w- c:\program files\WinRAR
2010-09-15 22:48:29 0 d-----w- c:\program files (x86)\uTorrent
2010-09-15 22:48:11 0 d-----w- c:\users\crimso~1\appdata\roaming\uTorrent
2010-09-15 22:41:34 0 d-----w- c:\program files (x86)\Realtek
2010-09-15 22:24:17 0 d-----w- c:\programdata\NVIDIA
2010-09-15 22:23:46 0 d-----w- c:\program files (x86)\NVIDIA Corporation
2010-09-15 22:23:43 0 d-sh--w- c:\windows\Installer
2010-09-15 22:23:42 0 d-----w- c:\programdata\NVIDIA Corporation
2010-09-15 22:23:39 0 d-----w- c:\program files\NVIDIA Corporation
2010-09-15 22:22:40 1196 ----a-w- c:\users\crimsonsky\Downloads - Shortcut.lnk
2010-09-15 22:19:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-09-15 22:07:38 270208 ------w- c:\windows\system32\MpSigStub.exe

==================== Find3M ====================

2010-09-16 13:53:56 6082566 ----a-w- c:\program files (x86)\war3patch.mpq
2010-09-15 22:41:36 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-09-15 22:41:33 315392 ----a-w- c:\windows\HideWin.exe
2010-07-09 23:27:02 61032 ----a-w- c:\windows\system32\nvshext.dll
2010-07-09 23:27:02 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-07-09 23:27:02 1585256 ----a-w- c:\windows\system32\nvsvc64.dll
2010-07-09 23:27:02 15314024 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 23:27:02 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-01 18:39:00 233656 ----a-w- c:\windows\system32\klogon.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 04:55:03 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-07-14 04:55:03 32768 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-07-14 04:55:03 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\cookies\index.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:20:55.42 ===============

tashi
2010-09-22, 20:48
Problem has been resolved.