Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 31

Thread: Slow computer + Spybot crashing cpu in safemode; Windows 7

  1. 2012-02-01, 14:57 #11
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    The .bat file was named cmd.bat. I moved the location of OTL.exe to the desktop as opposed to inside a folder on the desktop, I ran it after the move. Pretty much the same results except this time it created a cmd.bat but still gave the same error it couldn't be created, and it even froze up the computer. Two hidden files were created both called desktop.ini after I rebooted the computer (it was frozen for about 45 minutes so I decided to hard reboot), but it still doesn't seem like it was quite supposed to do that. Just incase you wanted to see the files here they are:


    [.ShellClassInfo]
    LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
    [LocalizedFileNames]
    Microsoft Office - 60 Day Trial.lnk=@C:\PROGRA~2\MICROS~3\mui\oaa.dll,-103
    Acer Registration.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Enregistrement Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registrazione Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registro de Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Registratie.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Registrierung.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registo Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registrering af Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Rekisteröinti.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer-registrering.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registrace Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Εγγραφή.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Regisztráció.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Rejestracja — Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Kayıt.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Înregistrare Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Регистрация Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer ユーザー登録.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer 注册.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer 註冊.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Registreerimine.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Registracija.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Reģistrācija.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer Регистрация.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    การลงทะเบียน Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer تسجيل.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer - Registrácia.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Registracija Acer.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101
    Acer 등록.lnk=@C:\Program Files (x86)\Acer\Registration\GlobalRegistrationMUI.dll,-101

    [.ShellClassInfo]
    LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
    IconResource=%SystemRoot%\system32\imageres.dll,-183



    Also after reboot a cmd.bat was left over, I double clicked it and received a cmd.txt This is what the cmd.txt contained:


    Windows IP Configuration

    No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
    No operation can be performed on Local Area Connection while it has its media disconnected.

    Wireless LAN adapter Wireless Network Connection 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Link-local IPv6 Address . . . . . : fe80::d481:ae5f:b9f0:f657%12
    Default Gateway . . . . . . . . . :

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :

    Tunnel adapter isatap.{FF6DECB5-51A1-426B-8B87-D7FFCBAC5329}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c27:df9:e777:dcf8
    Link-local IPv6 Address . . . . . : fe80::1c27:df9:e777:dcf8%13
    Default Gateway . . . . . . . . . : ::

    Tunnel adapter Reusable ISATAP Interface {F9EDEDC8-B9C8-42E6-9BDD-1301564DBD36}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :

    Tunnel adapter isatap.{856ED3C4-B8B5-470E-B3C2-641E5FDB459F}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :

    Tunnel adapter isatap.{E8833CD9-B6ED-45F1-9021-F4F6EBD669D5}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
  2. 2012-02-01, 14:59 #12
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    Sorry about the triple post but after I ran that cmd.bat my wireless networked got switched to an unidentified wireless network, with no internet connection. Seems strange.

    Thanks for all the help.
  3. 2012-02-01, 18:14 #13
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hey, there was no reason to run the bat file. Reboot and see if things straighten out
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  4. 2012-02-02, 02:47 #14
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    The reboot did nothing. When I enter the script you gave me and hit run fix it freezes up OTL and kicks me off my wireless network. I can get back onto the internet, obviously.

    When it starts doing its task the bar fills up an iota and then it freezes as mentioned before. The same error message pops up ever time:

    "unable to create ../cmd.bat"

    Either something in the script you gave me isn't working with my computer (lack of access to write files maybe?) or there's something preventing it from working.
  5. 2012-02-02, 02:58 #15
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    Please see post above if this log is inconclusive

    I scanned again in case the script worked, here's the OTL.txt:

    OTL logfile created on: 2/1/2012 8:50:38 PM - Run 2
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Goodie\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 60.43% Memory free
    3.72 Gb Paging File | 2.49 Gb Available in Paging File | 66.79% Paging File free
    Paging file location(s): c:\pagefile.sys 1000 2000 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 136.95 Gb Total Space | 49.41 Gb Free Space | 36.08% Space Free | Partition Type: NTFS

    Computer Name: GOODIE-PC | User Name: Goodie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Goodie\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
    PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
    SRV:64bit: - (SWGVCSvc) -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe (SonicWALL, Inc.)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
    SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
    SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (tvnserver) -- C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
    SRV - (getPlusHelper) getPlus(R) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
    SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (GameConsoleService) -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe (WildTangent, Inc.)
    SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
    DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
    DRV:64bit: - (L6UX2) -- C:\Windows\SysNative\drivers\L6UX264.sys (Line 6)
    DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
    DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
    DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
    DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
    DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
    DRV:64bit: - (SWIPsec) -- C:\Windows\SysNative\drivers\SWIPsec.sys (SonicWALL, Inc.)
    DRV:64bit: - (SWVNIC) -- C:\Windows\SysNative\drivers\SWVNIC.sys (SonicWALL, Inc.)
    DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
    DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
    DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
    DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys (Dritek System Inc.)
    DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
    DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...4z1l5t48i2x201
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...4z1l5t48i2x201
    IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: ""
    FF - prefs.js..browser.search.defaultenginename: ""
    FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
    FF - prefs.js..browser.search.order.1: ""
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "www.google.com"
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.911
    FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
    FF - prefs.js..extensions.enabledItems: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}:0.3.8.1


    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Goodie\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Goodie\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Goodie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2011/09/13 07:27:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/27 19:25:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 14:24:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/27 19:25:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/28 14:24:09 | 000,000,000 | ---D | M]

    [2010/01/21 10:15:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Goodie\AppData\Roaming\Mozilla\Extensions
    [2012/02/01 20:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\extensions
    [2010/04/08 22:35:46 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
    [2010/07/11 10:59:20 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2011/12/27 19:25:34 | 000,000,000 | ---D | M] (Edit Cookies) -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}
    [2011/11/08 23:53:10 | 000,002,567 | ---- | M] () -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\searchplugins\askcom.xml
    [2010/04/08 22:38:33 | 000,001,196 | ---- | M] () -- C:\Users\Goodie\AppData\Roaming\Mozilla\Firefox\Profiles\v8wq4swi.default\searchplugins\winamp-search.xml
    [2011/12/27 19:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/11/11 07:32:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    [2011/09/13 07:27:18 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG9\FIREFOX
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/13 17:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Goodie\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Goodie\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Goodie\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
    CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
    CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Unity Player (Enabled) = C:\Users\Goodie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin

    O1 HOSTS File: ([2011/11/21 19:46:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found
    O8:64bit: - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
    O8 - Extra context menu item: &Winamp Search - Reg Error: Value error. File not found
    O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF6DECB5-51A1-426B-8B87-D7FFCBAC5329}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/01 20:38:32 | 000,000,000 | ---D | C] -- C:\OTL
    [2012/02/01 07:36:34 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/02/01 02:20:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Goodie\Desktop\OTL.exe
    [2012/01/18 08:14:33 | 000,000,000 | ---D | C] -- C:\Windows\rescache
    [2012/01/18 06:19:52 | 000,000,000 | ---D | C] -- C:\Users\Goodie\Desktop\Reg
    [2012/01/18 05:30:36 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2012/01/18 05:29:52 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/01/18 05:29:52 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012/01/18 05:29:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012/01/18 05:29:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012/01/18 05:29:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012/01/18 05:29:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/01/18 05:29:50 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012/01/18 05:29:50 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/01/18 05:29:50 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012/01/18 05:29:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/01/18 05:29:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012/01/18 05:29:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012/01/18 05:29:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012/01/18 05:29:49 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012/01/18 05:29:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012/01/18 05:29:24 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2012/01/18 05:29:24 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2012/01/18 05:29:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/01/18 05:29:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2012/01/18 05:29:24 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2012/01/18 05:29:23 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/01/18 05:29:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2012/01/18 05:29:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2012/01/18 05:29:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2012/01/18 05:29:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/01/18 05:29:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2012/01/18 05:29:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2012/01/18 05:29:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/01/18 05:29:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012/01/18 05:29:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012/01/18 05:29:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2012/01/18 05:29:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2012/01/18 05:28:47 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
    [2012/01/18 05:28:46 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
    [2012/01/18 05:28:46 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
    [2012/01/18 05:28:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
    [2012/01/18 05:28:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
    [2012/01/18 05:28:46 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
    [2012/01/18 05:28:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
    [2012/01/18 05:28:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
    [2012/01/18 05:28:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
    [2012/01/18 05:28:41 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2012/01/18 05:28:41 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
    [2012/01/18 05:28:41 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
    [2012/01/18 05:28:41 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
    [2012/01/18 05:28:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
    [2012/01/18 05:28:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
    [2012/01/18 05:28:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
    [2012/01/18 05:28:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
    [2012/01/18 05:28:30 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2012/01/18 05:28:30 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2012/01/18 05:28:29 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
    [2012/01/18 05:28:29 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
    [2012/01/18 05:28:17 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
    [2012/01/18 05:28:17 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
    [2012/01/18 05:28:16 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
    [2012/01/18 05:28:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
    [2012/01/18 05:28:16 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
    [2012/01/18 05:28:16 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
    [2012/01/18 05:28:16 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
    [2012/01/18 05:28:16 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
    [2012/01/18 05:28:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
    [2012/01/18 05:28:16 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
    [2012/01/18 05:28:14 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2012/01/18 05:28:07 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2012/01/18 05:28:07 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2012/01/18 05:28:05 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
    [2012/01/18 05:28:05 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
    [2012/01/18 05:28:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
    [2012/01/18 05:28:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
    [2012/01/18 05:28:01 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2012/01/18 05:27:58 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2012/01/18 05:27:56 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2012/01/18 05:19:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
    [2012/01/18 05:19:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
    [2012/01/16 11:41:01 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{AB0689C1-1A17-4BEC-80C7-C83F569E3F03}
    [2012/01/16 11:40:49 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{A3479BFA-D16E-4417-B6FB-AC4A66D359CE}
    [2012/01/15 16:52:38 | 000,000,000 | ---D | C] -- C:\Users\Goodie\Desktop\ProcEx
    [2012/01/15 04:08:01 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{B3735E2E-6418-40AA-A048-80991BDB05BF}
    [2012/01/15 04:07:49 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{4113490E-D3FC-426F-A564-620DFC0DD739}
    [2012/01/14 23:25:46 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{C4189CD9-9667-454E-B550-C108512A844D}
    [2012/01/14 23:25:32 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{3EB10A6B-F8B8-4D01-AAA6-0491436EB629}
    [2012/01/14 15:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2012/01/14 02:40:22 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{9CEE5219-C622-4C3D-BA6B-91BB1484E4C6}
    [2012/01/14 02:40:10 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{BD292D25-F6EF-4601-A2D3-899333837D6D}
    [2012/01/13 17:36:19 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{3404FBE1-8B84-494C-B10F-C415ADED6FE0}
    [2012/01/13 17:36:07 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{FE167B57-F4A1-4303-B85B-60BA76DC7D29}
    [2012/01/10 00:17:21 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{77E60465-378E-40B5-A860-110C43140871}
    [2012/01/10 00:17:09 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{4A4CC26D-1332-483E-AA0F-1BE9269EF4B1}
    [2012/01/09 02:09:13 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{A74102DB-F6B8-45DF-9976-616390428301}
    [2012/01/09 02:09:01 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{499A606D-44B3-4A1C-8C81-565152910DCD}
    [2012/01/09 01:54:13 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{51D9AFCF-9F45-4659-88DA-8ACB3D47FB78}
    [2012/01/09 01:54:01 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{820E7C1A-0984-4196-BF49-FFF877A66A13}
    [2012/01/08 07:32:55 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{741F9BF5-1B4E-479E-9183-D9C048ECB294}
    [2012/01/08 07:32:43 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{5334BF11-3834-4BCA-9F45-277A57F749AF}
    [2012/01/05 17:31:35 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{7D76D3B8-1C7D-46A2-B1E0-5652CD611136}
    [2012/01/05 17:31:23 | 000,000,000 | ---D | C] -- C:\Users\Goodie\AppData\Local\{E7831E2B-8D8A-48B6-B3CF-17B36465891F}
    [2012/01/03 15:37:01 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\eax.dll
    [2012/01/03 15:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative Labs
    [2012/01/03 15:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FINAL FANTASY VIII
    [2012/01/03 15:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Square Soft, Inc
    [2012/01/03 15:31:53 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/02/01 20:37:54 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/02/01 20:37:54 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/02/01 20:35:39 | 000,750,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/02/01 20:35:39 | 000,637,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/02/01 20:35:39 | 000,116,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/01 20:32:15 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/02/01 20:30:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/02/01 20:22:19 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/02/01 20:21:33 | 092,387,207 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
    [2012/02/01 20:21:30 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2724196807-672329828-52213437-1001UA.job
    [2012/02/01 04:21:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2724196807-672329828-52213437-1001Core.job
    [2012/02/01 02:20:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Goodie\Desktop\OTL.exe
    [2012/01/28 17:37:34 | 000,042,906 | ---- | M] () -- C:\Users\Goodie\Documents\2011_Federal_Return.pdf
    [2012/01/24 07:42:43 | 000,002,403 | ---- | M] () -- C:\Users\Goodie\Desktop\Google Chrome.lnk
    [2012/01/18 09:16:58 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\lpcio.dll
    [2012/01/18 06:22:53 | 000,343,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/01/14 15:09:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
    [2012/01/14 15:09:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm

    ========== Files Created - No Company Name ==========

    [2012/01/28 17:37:34 | 000,042,906 | ---- | C] () -- C:\Users\Goodie\Documents\2011_Federal_Return.pdf
    [2011/11/21 19:31:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/11/21 19:31:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/11/21 19:31:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/11/21 19:31:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/11/21 19:31:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/11/09 01:35:25 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
    [2011/11/09 01:33:35 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
    [2011/11/09 01:33:33 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
    [2011/11/01 04:58:45 | 000,214,816 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2011/01/01 21:32:11 | 000,007,601 | ---- | C] () -- C:\Users\Goodie\AppData\Local\Resmon.ResmonCfg
    [2010/12/06 08:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
    [2010/09/26 19:16:36 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
    [2010/03/31 19:45:11 | 001,907,712 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
    [2010/03/31 19:45:11 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
    [2010/03/31 19:45:11 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
    [2010/03/31 19:45:11 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
    [2010/03/31 19:45:11 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
    [2010/03/25 17:29:35 | 000,000,094 | ---- | C] () -- C:\Users\Goodie\AppData\Local\fusioncache.dat
    [2010/03/25 17:26:15 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
    [2010/03/25 17:22:46 | 000,747,998 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/01/25 15:48:19 | 000,000,785 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
    [2010/01/04 02:02:25 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
    [2010/01/03 20:45:23 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2010/01/03 20:45:13 | 000,000,328 | ---- | C] () -- C:\Windows\game.ini
    [2009/11/05 14:49:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
    [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
    [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
    [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

    < End of report >
  6. 2012-02-02, 10:01 #16
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Looks like it worked, those entries are gone.

    You need to enable windows to show all files and folders, instructions Here

    Go to VirusTotal and submit these files for analysis, just use the BROWSE feature and then Send File , if it says this file has been checked before, have them recheck it. When the scan is done just copy and paste the link back to this forum for me to see.

    C:\Windows\SysWOW64\epmntdrv.sys
    C:\Windows\SysWOW64\EuGdiDrv.sys


    If the site is busy you can try this one
    http://virusscan.jotti.org/en
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  7. 2012-02-03, 01:09 #17
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    Scanned both files, came back with nothing.

    The EuGdiDrv.sys analysis here


    The epmntdrv.sys analysis here
  8. 2012-02-03, 10:34 #18
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Things running any better ?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
  9. 2012-02-03, 23:48 #19
    DeepFriedMotherboard
    DeepFriedMotherboard is offline
    Junior Member
    Join Date
    Jan 2012
    Posts
    19

    Default

    It seems to be running a bit smoother although I am encountering the same problem, just quite less frequently. Nonetheless thanks for all the help! Is there anything else you can find? If not it might just be a physical problem (it's been a good little bit since I've dusted SOME of the components) or network issues.
  10. 2012-02-04, 00:13 #20
    ken545
    ken545 is offline
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Lets check a bit deeper, run this program and post the log please


    Download FSS to your desktop

    Click on "Scan".
    Please copy and paste the log to your reply.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules