Jump to content
CCleaner Community Forums
JuneNarsic

CCleaner deleted important registy...

Recommended Posts

Hi guys,

 

I've been using CCleaner for about 2~3 years, never gave me a problem. Until yesterday. I was installing/uninstalling a lot of programs: Spring Cleaning for my computer. I ran the registry cleaner afterwards to finish everything up. I noticed there were a lot of registries on that list; I didnt think too much about it. It's never malfunctioned on me before, so I went ahead and cleaned them all (Without backing up, which was rather a rash decision) and I restarted my computer.

 

What happened?: At login, my facial recognition program wasnt functioning, that was odd. I logged in manually, and found almost ALL my programs shortcuts say

 

"The item '(Shortcut name)' that this shortcut refer to has been changed or moved, so this shortcut will no longer work properly. Do you want to delete this shortcut?"

 

And most of my games disappeared mysteriously.

 

First thing I did was system restore. I hoped that would help turn everything back to normal, it didnt.

 

So is there anyway for me to fix this, because every time I restart, more of my programs disappear... If it keeps going, I'll have to head for the inevitable option; formatting. (Which I really don't want to do..)

 

I hope you guys can help me, thank you in advance!

Share this post


Link to post
Share on other sites

Sounds more like a malware infection to me, however the only way to be sure is to follow these instructions:

http://forum.piriform.com/index.php?showtopic=20120

 

Note:

If you can't run the .EXE anti-malware software installers, etc., renaming the extension to another executable extension may allow them to function, i.e.; .COM, .BAT

Share this post


Link to post
Share on other sites

The malwarebyte's scan turned up clean, here's the report:

 

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

 

Database version: 7091

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

7/12/2011 12:42:30 PM

mbam-log-2011-07-12 (12-42-30).txt

 

Scan type: Full scan (C:\|D:\|Q:\|)

Objects scanned: 261922

Time elapsed: 27 minute(s), 5 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)

 

 

And this is the OTL report:

 

 

OTL logfile created on: 7/12/2011 12:44:48 PM - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Sarah\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 51.41% Memory free

7.73 Gb Paging File | 5.63 Gb Available in Paging File | 72.87% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421.81 Gb Total Space | 327.89 Gb Free Space | 77.73% Space Free | Partition Type: NTFS

Drive D: | 29.00 Gb Total Space | 0.01 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Drive E: | 5.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive G: | 4.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 1.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

 

Computer Name: CHROME | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Sarah\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

PRC - C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)

PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)

PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

PRC - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Sarah\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_e477fed.dll ()

SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (Oasis2Service) -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe ()

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)

DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)

DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )

DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SMARTDEFRAGDRIVER.SYS ()

DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )

DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (Cam5607) -- C:\Windows\SysNative\drivers\BisonC07.sys (Bison Electronics. Inc. )

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)

DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (wirelessusbser) -- C:\Windows\SysNative\drivers\3GDatausbser64.sys (Haier Incorporated)

DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)

DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (k57nd60a) Broadcom NetLink -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)

DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Windows ® Codename Longhorn DDK provider)

DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/'>http://www.lenovo.com/'>http://www.lenovo.com/ [binary data]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com'>http://lenovo.msn.com'>http://lenovo.msn.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll File not found

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll File not found

FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\

 

 

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - File not found

O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)

O4 - HKLM..\Run: [Adobe ARM] File not found

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found

O4 - HKLM..\Run: [AVG_TRAY] File not found

O4 - HKLM..\Run: [Reader Library Launcher] File not found

O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)

O4 - HKLM..\Run: [YouCam Mirror Tray icon] File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [installIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)

O4 - HKCU..\Run: [steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/09/08 14:13:25 | 000,000,058 | R--- | M] () - E:\autorun.inf -- [ UDF ]

O32 - AutoRun File - [2005/11/21 05:26:21 | 000,000,057 | R--- | M] () - G:\autorun.inf -- [ UDF ]

O32 - AutoRun File - [2007/04/26 08:36:10 | 000,000,046 | R--- | M] () - H:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{55a39eee-a4d8-11e0-aeb0-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{55a39eee-a4d8-11e0-aeb0-1c75086715e8}\Shell\AutoRun\command - "" = H:\setup.exe -- [2005/04/07 01:39:06 | 000,121,064 | R--- | M] (Macrovision Corporation)

O33 - MountPoints2\{6826a000-8464-11e0-99f1-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{6826a000-8464-11e0-99f1-1c75086715e8}\Shell\AutoRun\command - "" = E:\FalloutLauncher.exe -- [2009/10/26 16:31:23 | 001,540,608 | R--- | M] (Bethesda Softworks)

O33 - MountPoints2\{6826a004-8464-11e0-99f1-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{6826a004-8464-11e0-99f1-1c75086715e8}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe -- [2006/04/06 05:25:44 | 001,662,976 | R--- | M] (Bethesda Softworks)

O33 - MountPoints2\{f19450ac-68b6-11e0-ba75-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{f19450ac-68b6-11e0-ba75-1c75086715e8}\Shell\AutoRun\command - "" = E:\autorun.exe

O33 - MountPoints2\{f5a5d7a6-5b62-11e0-97c6-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{f5a5d7a6-5b62-11e0-97c6-1c75086715e8}\Shell\AutoRun\command - "" = E:\autorun.exe

O33 - MountPoints2\{f5a5d7b9-5b62-11e0-97c6-1c75086715e8}\Shell - "" = AutoRun

O33 - MountPoints2\{f5a5d7b9-5b62-11e0-97c6-1c75086715e8}\Shell\AutoRun\command - "" = H:\autorun.exe

O33 - MountPoints2\E\Shell - "" = AutoRun

O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/07/12 12:14:03 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Malwarebytes

[2011/07/12 12:13:59 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys

[2011/07/12 12:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/07/12 12:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/07/12 12:13:55 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2011/07/12 12:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/07/12 11:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2011/07/12 11:57:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

[2011/07/12 11:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com

[2011/07/12 11:55:01 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\AI_RecycleBin

[2011/07/12 11:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\W3i

[2011/07/12 11:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\W3i

[2011/07/12 11:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallIQ Updater

[2011/07/12 11:00:33 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{19274FC0-8DE6-4EA4-B689-55C9A3A51B43}

[2011/07/12 10:47:38 | 000,000,000 | ---D | C] -- C:\windows\en

[2011/07/12 10:36:02 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys

[2011/07/12 10:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live

[2011/07/12 10:36:02 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE

[2011/07/12 10:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft

[2011/07/12 10:34:18 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_42.dll

[2011/07/12 10:34:18 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll

[2011/07/12 10:34:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll

[2011/07/12 10:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/07/12 10:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/07/12 10:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live

[2011/07/12 03:27:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{8EFB1AA7-CAE4-4F8A-A5C1-2DFD67F17FA3}

[2011/07/12 02:53:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{7F236D25-503C-41A7-9162-45D4CDB877E9}

[2011/07/12 02:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit

[2011/07/11 19:04:18 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{B7FAC6D5-BE1E-420A-B537-8F3042ED2C43}

[2011/07/11 11:52:54 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll

[2011/07/11 11:52:54 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll

[2011/07/11 11:52:53 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll

[2011/07/11 11:52:52 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll

[2011/07/11 11:52:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll

[2011/07/11 11:52:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll

[2011/07/11 11:52:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll

[2011/07/11 11:52:52 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll

[2011/07/11 03:56:22 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\Games for Windows - LIVE Demos

[2011/07/11 03:55:47 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll

[2011/07/11 03:55:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_42.dll

[2011/07/11 03:55:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/07/11 03:51:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Fallout3

[2011/07/11 03:39:33 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll

[2011/07/11 03:39:33 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll

[2011/07/11 03:39:33 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll

[2011/07/11 03:39:33 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll

[2011/07/11 03:39:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll

[2011/07/11 03:39:31 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll

[2011/07/11 03:39:31 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll

[2011/07/11 03:39:31 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll

[2011/07/11 03:39:30 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll

[2011/07/11 03:39:30 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll

[2011/07/11 03:39:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll

[2011/07/11 03:39:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll

[2011/07/11 03:39:29 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll

[2011/07/11 03:39:29 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll

[2011/07/11 03:39:29 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll

[2011/07/11 03:39:29 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll

[2011/07/11 03:39:28 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll

[2011/07/11 03:39:28 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll

[2011/07/11 03:39:28 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll

[2011/07/11 03:39:28 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll

[2011/07/11 03:39:28 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll

[2011/07/11 03:39:28 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll

[2011/07/11 03:39:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll

[2011/07/11 03:39:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll

[2011/07/11 03:39:27 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll

[2011/07/11 03:39:27 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll

[2011/07/11 03:39:27 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll

[2011/07/11 03:39:27 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll

[2011/07/11 03:39:25 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll

[2011/07/11 03:39:25 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll

[2011/07/11 03:39:25 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll

[2011/07/11 03:39:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll

[2011/07/11 03:39:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll

[2011/07/11 03:39:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll

[2011/07/11 03:39:24 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll

[2011/07/11 03:39:24 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll

[2011/07/11 03:39:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll

[2011/07/11 03:39:23 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll

[2011/07/11 03:39:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll

[2011/07/11 03:39:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll

[2011/07/11 03:39:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll

[2011/07/11 03:39:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll

[2011/07/11 03:39:22 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll

[2011/07/11 03:39:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll

[2011/07/11 03:39:22 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll

[2011/07/11 03:39:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll

[2011/07/11 03:39:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll

[2011/07/11 03:39:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll

[2011/07/11 03:39:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll

[2011/07/11 03:39:21 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll

[2011/07/11 03:39:21 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll

[2011/07/11 03:39:21 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll

[2011/07/11 03:39:21 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll

[2011/07/11 03:39:21 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll

[2011/07/11 03:39:20 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll

[2011/07/11 03:39:20 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll

[2011/07/11 03:39:18 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll

[2011/07/11 03:39:17 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll

[2011/07/11 03:39:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll

[2011/07/11 03:39:16 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll

[2011/07/11 03:39:16 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll

[2011/07/11 03:39:16 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll

[2011/07/11 03:39:16 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll

[2011/07/11 03:39:15 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll

[2011/07/11 03:39:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll

[2011/07/11 03:39:13 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll

[2011/07/11 03:39:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll

[2011/07/11 03:39:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll

[2011/07/11 03:39:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll

[2011/07/11 03:39:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll

[2011/07/11 03:39:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll

[2011/07/11 03:39:12 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll

[2011/07/11 03:39:12 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll

[2011/07/11 03:39:12 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll

[2011/07/11 03:39:12 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll

[2011/07/11 03:39:11 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll

[2011/07/11 03:39:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll

[2011/07/11 03:39:10 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll

[2011/07/11 03:39:10 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll

[2011/07/11 03:39:10 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll

[2011/07/11 03:39:10 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll

[2011/07/11 03:39:03 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll

[2011/07/11 03:39:03 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll

[2011/07/11 03:39:02 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll

[2011/07/11 03:39:02 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll

[2011/07/11 03:39:02 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll

[2011/07/11 03:39:02 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll

[2011/07/11 03:39:02 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll

[2011/07/11 03:39:02 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll

[2011/07/11 03:38:57 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll

[2011/07/11 03:38:57 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll

[2011/07/11 03:38:57 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll

[2011/07/11 03:38:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll

[2011/07/11 03:38:56 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll

[2011/07/11 03:38:56 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll

[2011/07/11 03:37:52 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll

[2011/07/11 03:37:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll

[2011/07/11 03:37:52 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll

[2011/07/11 03:37:49 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll

[2011/07/11 03:36:57 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\xlive

[2011/07/11 00:25:51 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/07/10 12:28:33 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{8DBB4DA5-635E-4632-97FA-479DAB3D359B}

[2011/07/09 22:17:01 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{AF17B24B-D48C-42BB-81AF-067820B23368}

[2011/07/09 10:16:26 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{2BCA21DA-DE5C-4C61-965D-984763A955D7}

[2011/07/08 11:00:01 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{75C6D2E6-D40B-42E5-963A-1E19695A03AD}

[2011/07/07 22:59:37 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{A521E779-11B9-4F7E-8C83-4FF4E2B394C5}

[2011/07/07 10:59:11 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{143ACA64-5FEE-438E-95BA-365B040864EA}

[2011/07/06 22:58:46 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{B562B5F6-00A1-4F98-B570-7A30E516FEEA}

[2011/07/06 07:38:16 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{5A5B6998-C172-43C2-A616-D73B3C0AC7F3}

[2011/07/05 19:37:53 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{4E3CBD4D-06A8-4507-AF4A-CE65E9E00820}

[2011/07/05 07:37:30 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{3C6CA2AE-72AD-4ADA-8AC5-1C50FF40D1CC}

[2011/07/04 19:37:07 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{E296869A-698D-4890-848C-1583E6982280}

[2011/07/02 22:48:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{B82B4B2B-3F95-4A64-B866-E14A422DA683}

[2011/07/02 10:47:39 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{DD486450-3113-4597-A10F-99C139FF2995}

[2011/07/02 09:03:11 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll

[2011/07/02 09:03:11 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll

[2011/07/02 09:01:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Oblivion

[2011/07/02 09:01:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\My Games

[2011/07/01 22:47:04 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{FD61D26D-7B92-4BE6-B4D5-E3A7774D83CD}

[2011/07/01 10:46:27 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{F6F6BDBB-D1CD-4229-A284-6D04822589C0}

[2011/06/30 20:27:22 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{670F6910-D3A8-4B69-B23F-F65717D71367}

[2011/06/30 08:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2011/06/30 07:42:55 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe

[2011/06/30 07:42:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll

[2011/06/30 07:42:53 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll

[2011/06/30 07:42:53 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll

[2011/06/30 07:42:53 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll

[2011/06/30 07:42:53 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe

[2011/06/30 07:42:52 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll

[2011/06/30 07:42:52 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll

[2011/06/30 07:42:52 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll

[2011/06/30 07:42:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll

[2011/06/30 07:42:52 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe

[2011/06/30 07:42:51 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll

[2011/06/30 07:42:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll

[2011/06/30 07:42:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll

[2011/06/30 07:42:50 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll

[2011/06/30 07:42:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll

[2011/06/30 07:37:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{229FEEEE-764B-405D-BBED-9FD33A81CCF5}

[2011/06/28 21:22:38 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{207CA321-E86B-4D98-BA41-7143117A3B2A}

[2011/06/28 09:22:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{4BC4929B-455B-4E67-A8AB-EE5743A51027}

[2011/06/27 21:21:39 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{7C817F38-EE04-48FC-BD4E-76AF884DEF7D}

[2011/06/27 09:21:15 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{BAC7FABC-8B5A-44ED-9FE5-00C5FD6DAA3F}

[2011/06/26 20:16:07 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{47E40714-EF00-4969-8736-B05C91FB33C1}

[2011/06/26 11:39:16 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Ventrilo

[2011/06/26 11:37:12 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo

[2011/06/26 11:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo

[2011/06/26 08:15:45 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{96541926-DA64-460B-8617-E6C3CA96E828}

[2011/06/25 20:15:21 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{AECB050F-F744-468F-9065-CBB53C7CFF21}

[2011/06/25 07:19:14 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{D65BE25F-76A2-44DE-9623-39BF052374D6}

[2011/06/24 19:18:38 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{29EE3A28-0386-4C3D-B020-B1AF3A9C2FED}

[2011/06/24 07:18:14 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{42903408-629B-4128-AA3B-319C77243487}

[2011/06/23 19:17:47 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{A5EEB591-3736-4709-8573-164F0A931C6D}

[2011/06/23 00:56:23 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{D1F8F97F-A81D-491C-A1A0-42489953C993}

[2011/06/22 12:56:00 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{F08E7CA2-387E-48C3-B902-C3C0B9E9DA69}

[2011/06/22 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

[2011/06/22 00:55:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{7ACE3CB8-A0A7-401D-936F-E35B0A97486F}

[2011/06/21 20:54:18 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\IObit

[2011/06/21 20:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2

[2011/06/21 20:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit

[2011/06/21 12:54:59 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{941A0B3E-9A98-4177-B41D-87437D04B9B9}

[2011/06/21 00:54:35 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{72E6D947-0360-4132-B552-F2F51D415105}

[2011/06/19 14:55:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{BD7862CD-A395-4E66-AA5F-658FC1E1D447}

[2011/06/19 02:55:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{230F6EF6-CE5A-4DAC-8677-CEF435DD41B7}

[2011/06/17 21:14:11 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2011/06/17 21:14:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2011/06/17 21:14:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2011/06/17 21:14:09 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2011/06/17 21:14:09 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll

[2011/06/17 21:14:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2011/06/17 21:14:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2011/06/17 21:14:08 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2011/06/17 21:13:01 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll

[2011/06/17 21:09:53 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{5A36D38F-E8EC-4CFF-8FDC-9249DF5372E8}

[2011/06/17 05:17:41 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{69FD9DAB-A529-484F-88DE-071C7BED33F3}

[2011/06/15 08:13:11 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{A2BC3523-25B3-4843-B1FB-2CB0E36D281F}

[2011/06/14 14:31:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{5D7EC489-5401-4BCB-831F-4E8EC5427486}

[2011/06/14 01:45:01 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\{5E9021B1-808D-4594-918B-BB990666692C}

[2011/06/13 17:50:48 | 000,000,000 | ---D | C] -- C:\windows\Minidump

 

========== Files - Modified Within 30 Days ==========

 

[2011/07/12 12:28:01 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1160437652-991662591-4259663685-1000UA.job

[2011/07/12 12:13:59 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/07/12 11:57:51 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2011/07/12 11:20:09 | 000,000,221 | ---- | M] () -- C:\Users\Sarah\Desktop\Magicka.url

[2011/07/12 11:10:02 | 000,001,418 | ---- | M] () -- C:\Users\Sarah\Desktop\Windows Live Mail.lnk

[2011/07/12 11:06:09 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/07/12 11:06:09 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/07/12 11:04:26 | 000,727,182 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2011/07/12 11:04:26 | 000,624,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2011/07/12 11:04:26 | 000,106,708 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2011/07/12 10:58:07 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2011/07/12 10:58:00 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys

[2011/07/12 10:33:43 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/07/12 10:23:24 | 000,000,219 | ---- | M] () -- C:\Users\Sarah\Desktop\Team Fortress 2.url

[2011/07/11 00:25:51 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2011/07/10 18:28:00 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1160437652-991662591-4259663685-1000Core.job

[2011/07/10 17:50:34 | 121,950,799 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm

[2011/07/02 03:16:56 | 000,291,656 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2011/06/30 07:40:49 | 000,002,359 | ---- | M] () -- C:\Users\Sarah\Desktop\Google Chrome.lnk

[2011/06/28 20:08:27 | 000,246,244 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm

[2011/06/26 11:37:13 | 000,000,262 | ---- | M] () -- C:\windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2011/06/26 11:37:12 | 000,000,913 | ---- | M] () -- C:\Users\Sarah\Desktop\Ventrilo.lnk

[2011/06/21 20:54:16 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk

 

========== Files Created - No Company Name ==========

 

[2011/07/12 12:13:59 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/07/12 11:57:51 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2011/07/12 11:20:09 | 000,000,221 | ---- | C] () -- C:\Users\Sarah\Desktop\Magicka.url

[2011/07/12 11:10:02 | 000,001,418 | ---- | C] () -- C:\Users\Sarah\Desktop\Windows Live Mail.lnk

[2011/07/12 10:44:11 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk

[2011/07/12 10:42:31 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk

[2011/07/12 10:40:14 | 000,001,418 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2011/07/12 10:39:32 | 000,002,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/07/12 10:33:43 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/06/30 08:50:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

[2011/06/27 14:38:02 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat

[2011/06/26 11:37:12 | 000,000,913 | ---- | C] () -- C:\Users\Sarah\Desktop\Ventrilo.lnk

[2011/06/26 11:37:05 | 000,000,262 | ---- | C] () -- C:\windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2011/06/25 08:19:16 | 000,000,219 | ---- | C] () -- C:\Users\Sarah\Desktop\Team Fortress 2.url

[2011/06/21 20:54:16 | 000,032,136 | ---- | C] () -- C:\windows\SysNative\SmartDefragBootTime.exe

[2011/06/21 20:54:16 | 000,018,232 | ---- | C] () -- C:\windows\SysNative\drivers\SMARTDEFRAGDRIVER.SYS

[2011/06/21 20:54:16 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat

[2011/03/26 13:04:57 | 000,744,400 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011/03/26 11:08:23 | 000,007,597 | ---- | C] () -- C:\Users\Sarah\AppData\Local\Resmon.ResmonCfg

[2011/03/25 22:40:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011/03/02 07:42:49 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin

[2011/03/02 07:42:49 | 000,000,512 | ---- | C] () -- C:\windows\current.bin

[2011/03/02 07:28:27 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll

[2011/03/02 07:28:27 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll

[2011/03/02 07:28:16 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll

[2011/03/02 07:23:11 | 000,000,235 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2011/03/02 07:06:48 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini

[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat

[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT

[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat

[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin

[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll

[2009/07/13 14:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin

[2009/07/13 14:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin

[2009/07/13 14:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin

[2009/07/13 14:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin

[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll

[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat

 

========== LOP Check ==========

 

[2011/05/22 03:22:56 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\AVG10

[2011/05/24 06:13:23 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\DAEMON Tools Lite

[2011/07/12 03:18:51 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\foobar2000

[2011/07/12 03:20:15 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\IObit

[2011/03/28 17:40:43 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Lenovo

[2011/03/25 05:03:43 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\ooVoo Details

[2011/07/03 17:56:10 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\runic games

[2011/06/28 03:22:19 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\SoftGrid Client

[2011/03/26 13:05:31 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\TP

[2011/07/12 09:57:08 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\uTorrent

[2011/03/30 23:14:46 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Windows Live Writer

[2011/05/05 03:40:50 | 000,018,600 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

< End of report >

Share this post


Link to post
Share on other sites

This is the other part of the OTL report, sorry. I didnt see it at first, lol.

 

OTL Extras logfile created on: 7/12/2011 12:44:48 PM - Run 1

OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Sarah\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.87 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 51.41% Memory free

7.73 Gb Paging File | 5.63 Gb Available in Paging File | 72.87% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421.81 Gb Total Space | 327.89 Gb Free Space | 77.73% Space Free | Partition Type: NTFS

Drive D: | 29.00 Gb Total Space | 0.01 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Drive E: | 5.51 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive G: | 4.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Drive H: | 1.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

 

Computer Name: CHROME | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{78DC83C7-7E9D-4518-8DFE-C8BBF69173D9}" = AVG 2011

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.76

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.76

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.76

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.13.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF1FFBA0-5851-46D1-90E8-818E4E75CCCF}" = AVG 2011

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)

"AVG" = AVG 2011

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR 4.00 (64-bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java 6 Update 24

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Lenovo EasyCamera

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype? 5.2

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{66E3BA00-6B3D-466B-96FA-6309A7F42BB0}" = Adobe Flash Player 10 ActiveX

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{A9FE59F0-5BFA-4FDF-84C6-F45457715379}" = InstallIQ Updater

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5

"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare

"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service 1.0

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Akamai" = Akamai NetSession Interface

"DAEMON Tools Lite" = DAEMON Tools Lite

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"Lenovo Games Console" = Lenovo Games Console

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Click-to-Run 2010

"OpenAL" = OpenAL

"Plants vs. Zombies" = Plants vs. Zombies

"Ragnarok Online" = Ragnarok Online

"Smart Defrag 2_is1" = Smart Defrag 2

"Steam App 42910" = Magicka

"Steam App 440" = Team Fortress 2

"uTorrent" = ?Torrent

"VLC media player" = VLC media player 1.1.7

"WinLiveSuite" = Windows Live Essentials

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 6/30/2011 11:51:21 AM | Computer Name = Chrome | Source = MsiInstaller | ID = 11321

Description =

 

Error - 6/30/2011 11:51:25 AM | Computer Name = Chrome | Source = MsiInstaller | ID = 1024

Description =

 

Error - 6/30/2011 11:51:25 AM | Computer Name = Chrome | Source = MsiInstaller | ID = 1024

Description =

 

Error - 6/30/2011 11:51:25 AM | Computer Name = Chrome | Source = MsiInstaller | ID = 1024

Description =

 

Error - 6/30/2011 12:21:41 PM | Computer Name = Chrome | Source = Application Error | ID = 1000

Description = Faulting application name: Aegis64.exe, version: 0.0.0.0, time stamp:

0x4cf33fcb Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:

0x4ce7c8f9 Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting process

id: 0x171c Faulting application start time: 0x01cc373db52c7f69 Faulting application

path: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe Faulting module path:

C:\windows\SYSTEM32\ntdll.dll Report Id: 0976d281-a335-11e0-b132-1c75086715e8

 

Error - 6/30/2011 1:53:00 PM | Computer Name = Chrome | Source = SideBySide | ID = 16842815

Description = Activation context generation failed for "c:\Program Files (x86)\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program

Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value

"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute

"version" in element "assemblyIdentity" is invalid.

 

Error - 7/1/2011 2:01:42 AM | Computer Name = Chrome | Source = Windows Backup | ID = 4104

Description =

 

Error - 7/1/2011 6:41:08 AM | Computer Name = Chrome | Source = Application Error | ID = 1000

Description = Faulting application name: Aegis64.exe, version: 0.0.0.0, time stamp:

0x4cf33fcb Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:

0x4ce7c8f9 Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting process

id: 0x370 Faulting application start time: 0x01cc37c698030a03 Faulting application

path: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe Faulting module path:

C:\windows\SYSTEM32\ntdll.dll Report Id: a07273a5-a3ce-11e0-b132-1c75086715e8

 

Error - 7/1/2011 6:59:28 AM | Computer Name = Chrome | Source = SideBySide | ID = 16842815

Description = Activation context generation failed for "c:\Program Files (x86)\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program

Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value

"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute

"version" in element "assemblyIdentity" is invalid.

 

Error - 7/2/2011 6:09:46 PM | Computer Name = Chrome | Source = Application Hang | ID = 1002

Description = The program _Launcher.exe version 1.1.1.1 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: 10c0 Start

Time: 01cc38e61216266f Termination Time: 374 Application Path: C:\Program Files (x86)\_Launcher.exe

 

Report

Id: f0a39751-a4f7-11e0-aeb0-1c75086715e8

 

[ System Events ]

Error - 5/16/2011 10:25:03 PM | Computer Name = Chrome | Source = Microsoft Antimalware | ID = 2001

Description =

 

Error - 5/18/2011 6:24:37 AM | Computer Name = Chrome | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk2\DR4.

 

Error - 6/11/2011 9:51:08 AM | Computer Name = Chrome | Source = Service Control Manager | ID = 7030

Description = The Akamai NetSession Interface service is marked as an interactive

service. However, the system is configured to not allow interactive services.

This service may not function properly.

 

Error - 6/11/2011 11:27:30 AM | Computer Name = Chrome | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the Netman service.

 

Error - 6/12/2011 1:26:32 AM | Computer Name = Chrome | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Steam

Client Service service to connect.

 

Error - 6/12/2011 1:26:32 AM | Computer Name = Chrome | Source = Service Control Manager | ID = 7000

Description = The Steam Client Service service failed to start due to the following

error: %%1053

 

Error - 6/13/2011 8:50:50 PM | Computer Name = Chrome | Source = EventLog | ID = 6008

Description = The previous system shutdown at 12:21:48 AM on ?6/?14/?2011 was unexpected.

 

Error - 6/13/2011 8:51:00 PM | Computer Name = Chrome | Source = BugCheck | ID = 1001

Description =

 

Error - 6/22/2011 12:53:34 AM | Computer Name = Chrome | Source = volsnap | ID = 393252

Description = The shadow copies of volume C: were aborted because the shadow copy

storage could not grow due to a user imposed limit.

 

Error - 7/2/2011 2:23:29 PM | Computer Name = Chrome | Source = EventLog | ID = 6008

Description = The previous system shutdown at 11:22:10 AM on ?7/?2/?2011 was unexpected.

 

 

< End of report >

Share this post


Link to post
Share on other sites

First thing I did was system restore. I hoped that would help turn everything back to normal, it didnt.

Windows has many types of normal, and not all good.

There are many restore points, each of which may have its own flavour of normal.

 

If you restored to a R.P. that was created AFTER all the uninstallation and BEFORE the registry cleaning,

that should have undone any damage done by registry cleaning.

 

If you restored to an earlier R.P. then the registry should be exactly as it was at that earlier time with all the applications before you removed them,

and probably many of the files for those applications will also be restored, but this is not very reliable.

 

Perhaps some-one may guide you if you declare what Restore Point you used,

and where that is in relation to the uninstall time and the registry clean time,

and what is now available for use.

Count me out because I only use Macrium images to restore sanity.

 

N.B. Posting and analysis of malware reports should be in SPYWARE HELL

Share this post


Link to post
Share on other sites
"The item '(Shortcut name)' that this shortcut refer to has been changed or moved, so this shortcut will no longer work properly. Do you want to delete this shortcut?"

This is typical windows behaviour when a shortcut points to an invalid path or start folder.

I'm rather doubtful over the malware link since the machine already has AVG installed and Malwarebytes has given the all clear.

 

Could you select one of your problem shortcuts and check "Target" and "Start in" properties.

 

Do you seen anything strange or missing with these settings??

 

Richard S.

Share this post


Link to post
Share on other sites

Well, all the missing files have mysteriously disappeared, I've tried to browse for them, they're gone. Some folders might be there, with a bit of clump files, but the major component is gone. Rendering it useless.

 

For instance; my Fallout 3 game. The Bethesda Softworks folder is still there, but the main core component (Data) isnt there anymore. And I cant uninstall it either, the uninstaller is missing, lol. This is basically what happens to 90% of my programs.

 

And I've tried the start in, here's the error message:

 

Problem with Shortcut

The folder 'C:\Program Files (x86)\Sony\reader\Data\bin\' specified in the Start In box is not valid. Make sure that the folder exists and that the path is correct.

 

That's my Sony E-book reader, I use it frequently so I know the program was working before.

 

*Edit:

 

I've tried to repair my AVG, this is the message it gives me:

 

Severity: Error

Error code: 0xC0070643

Error message: General internal error.

Additional message: Service ;AVGIDSAgent' AVGIDSAgent could not be stopped. Verify that you have sufficient privileges to stop system services. (0xC0070781)

Context: MSI Action failed

Share this post


Link to post
Share on other sites

It would appear the problem is a little more complicated than just simply missing registry keys.

 

Just out of curiosity have you tried chkdsk yet?? - chdsk.exe /f

 

Richard S.

Share this post


Link to post
Share on other sites

Problem with Shortcut

The folder 'C:\Program Files (x86)\Sony\reader\Data\bin\' specified in the Start In box is not valid. Make sure that the folder exists and that the path is correct.

 

Please tell me more. The error message is not much better than "Windows is broken and don't know what to do."

It says nothing about whether the folder exists where it should be, or the correctness or otherwise of the path,

these are all unknowns that should be investigated.

 

Please launch Windows Explorer and paste into the address bar

C:\Program Files (x86)\Sony\reader\Data\

does that work, i.e. is the path correct ?

can you see a folder "bin", i.e. does it exist or has it some special way of not being a valid folder ?

e.g. bin could be a file that prohibits the existence of a folder by that name at that path.

 

I do not believe cleaning the registry will delete or change any files or folders,

BUT perhaps what should be started by the "Start in box" is not valid in the absence of a key you deleted.

 

It is very possible that your system may be easily repaired if we know exactly what is wrong.

Formatting and installing Windows is not appropriate at this stage.

 

Deleting a registry key MAY cause violent consequences when the application that wants it encounters its loss.

These may include renaming or deleting files and folders

 

WARNING - I SEE DISASTER AROUND EVERY CORNER - 9 TIMES OUT OF 10 THERE IS NO TIGER WAITING TO POUNCE.

STOP READING IF YOU EASILY PANIC.

 

Twice in the last year or so an antivirus product with a name starting with "A" has deleted vital system files,

simply because of a defective virus signature database update.

Some A.V. products may quarantine, others "take no prisoners".

Registry keys control how A.V. reacts to threats.

Some A.V. will impose access restrictions to prevent malware deleting the control keys,

but other A.V. simply hide in obscure places and hope nothing stumbles across them.

Perhaps CCleaner stumbled across one of these and took it out, and now every file that is scanned is deemed a trojan.

 

Are you perhaps a victim of DRM.

Perhaps Sony reacted against the loss off a key by zapping all Sony files and folders.

A Google search produced About 3,190,000 results (0.15 seconds) for these two words

sony rootkit

This is a scary link with the phrase "often leaving reformatting the computer's hard drive as the only solution" :-

http://www.eff.org/cases/sony-bmg-litigation-info

Share this post


Link to post
Share on other sites

I've checked again and again, on every single programs that died, every one of them are missing their core data.

 

The Sony reader path:

 

C:\Program Files (x86)\Sony\Reader\Data

 

There's absolutely nothing there, just empty folders. I can't remove the program out of my uninstall list either.

So it's definetly not where it -should- be

 

On that day that I scanned my registry; a good 3000 entries showed up (spread out in 2~3 scans) And if I scan it right now, it's still doing the same thing. Most of the problems listed are:

 

Missing Shared DLL

Unused File Extention

Unused Registry Key

Open with Application Issue

Invalid Default Icon

ActiveX/COM Issue

Missing TypeLib Reference

Font Issue

Application Paths Issue

Installer Reference Issue

Invalid Firewall Rule

Missing MUI Reference

Invalid File Reference

 

The ones in bold are the ones that show up most. On the first scan, I got about 2k entries.

 

And when this happened, I magically gained back 30gbs of space.

 

I really do hope it's not the DRM problem D: Only thing I use from Sony is the reader.

Share this post


Link to post
Share on other sites

Might be an idea to look from outside of Windows to make sure things are gone.

 

You tried a linux cd?

Share this post


Link to post
Share on other sites

And when this happened, I magically gained back 30gbs of space.

That is really ominous, but it might just be one of those Windows things,

e.g. perhaps obsolete System Restore Points had just been dumped.

 

If you can cope with Linux then Hazel's suggestion is ideal.

If not I am sure Hazel can guide you.

 

Years ago I gave up trying to create a Bart Boot CD due to absence of Windows installation discs,

and Linux CLI failed - I knew DOS commands and how to get help with /?

but Linux was something else.

 

For me easy solutions MIGHT POSSIBLY be :-

 

1)

Run CMD.EXE and issue the command

C:\Program Files (x86)\Sony\reader\Data\bin

 

If Windows slaps you down and refuses then you already have an invisible "bin",

the problem is that there are access restrictions/permissions issues which lock you out.

 

2)

use Everything from http://www.voidtools.com/

 

On XP Home my daughter and I had separate profiles and we could not see what the other had.

Everything changed that.

If I searched for "Cache" it not only gave me the size and date of all Firefox caches in my profile,

it also alerted me to the fact that my daughter did not always use CCleaner on shutdown and she still had caches,

but privacy invasion was minimal, I only saw the existence, not the size or date because that access was prohibited.

 

I do not know, but if you search for "bin" you may find it reported on the path C:\Program Files (x86)\Sony\reader\Data\

but possibly only the fact that it exists, but no date or size.

This might show if there are access restrictions that prevent Windows Explorer from seeing your "bin"

Share this post


Link to post
Share on other sites

I've tried several things, overwritten on programs that could, and ignoring what couldn't be, but at this rate, I'd never be able to defrag/clean out my computer again. Since the problem still persists and refuses to make itself known. So I'm backing up all my docs and I'm just gonna do system recovery. It's given me enough problems without finding the answer. The more I look, the more I'm lost >.<

 

Thank you so much for all your help, I really appreciate it. :)

Share this post


Link to post
Share on other sites

After restoring your system if you decide to use CCleaner again make certain the installer is from the official website http://www.piriform.com/ccleaner, reason being there are rip-off versions that may be malicious.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...