Firefox keeps freezing and keeps not responding... HiJackThis log attached!

Solved
By ryukensfj
Sep 2, 2010
  1. Hello all,

    I'm currently having a problem with Firefox freezing up, but if you wait a bit it comes back. I've run Malwarebytes, Ad-Aware, Spybot, and CCleaner, all in Safe Mode, thinking it could be a virus/malware. It would happen occasionally but atm it is not doing it... I'm using Firefox to post this. Other than this issue I don't have any other problems. I tried running ComboFix but good thing it didn't work because I'm on Windows 7 64-bit. After seeing the stickied thread I decided not to pursue ComboFix until I get advice from the professionals.

    Here is my HiJackThis log...

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:23:26 PM, on 9/1/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    E:\my download files\G15SpeedFan-1.1.0\G15SpeedFan.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\SpeedFan\speedfan.exe
    C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\AIM\aim.exe
    C:\Users\Jonathan Wu\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Virtual Account Numbers Helper - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files (x86)\Virtual Account Numbers\CitiVANHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Virtual Account Numbers - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files (x86)\Virtual Account Numbers\CitiVANToolbar.dll
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
    O4 - HKCU\..\Run: [EPSON Stylus CX8400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEA.EXE /FU "C:\Users\JONATH~1\AppData\Local\Temp\E_S2A39.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: RivaTuner.lnk = C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O15 - Trusted IP range: http://127.0.0.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
    O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WSWNDA3100 - Unknown owner - C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe

    --
    End of file - 11822 bytes
  2. Broni

    Broni Malware Annihilator Posts: 45,208   +243

  3. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Ok, doing the scans now, will be posting the logs shortly.
  4. ryukensfj

    Malwarebytes log

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4527

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    9/1/2010 10:22:44 PM
    mbam-log-2010-09-01 (22-22-44).txt

    Scan type: Quick scan
    Objects scanned: 141106
    Time elapsed: 8 minute(s), 20 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  5. ryukensfj

    DDS.txt

    DDS (Ver_10-03-17.01) - NTFSX64
    Run by Jonathan Wu at 22:23:44.09 on Wed 09/01/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8187.5829 [GMT -7:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    E:\my download files\G15SpeedFan-1.1.0\G15SpeedFan.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files (x86)\SpeedFan\speedfan.exe
    C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\AIM\aim.exe
    C:\Users\Jonathan Wu\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    ============== Pseudo HJT Report ===============

    mLocal Page = c:\windows\syswow64\blank.htm
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Virtual Account Numbers Helper: {17424104-1444-4810-85d7-b4da413c5a9a} - c:\program files (x86)\virtual account numbers\CitiVANHelper.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    TB: Virtual Account Numbers: {7a21a046-b886-4a62-9d69-ef2059b0a27b} - c:\program files (x86)\virtual account numbers\CitiVANToolbar.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    uRun: [Messenger (Yahoo!)] "c:\progra~2\yahoo!\messen~1\YahooMessenger.exe" -quiet
    uRun: [Aim] "c:\program files (x86)\aim\aim.exe" /d locale=en-US
    uRun: [EPSON Stylus CX8400 Series] c:\windows\system32\spool\drivers\x64\3\e_iaticea.exe /fu "c:\users\jonath~1\appdata\local\temp\E_S2A39.tmp" /EF "HKCU"
    mRun: [AVP] "c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\avp.exe"
    mRun: [<NO NAME>]
    mRun: [NUSB3MON] "c:\program files (x86)\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
    mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
    StartupFolder: c:\users\jonath~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\rivatu~1.lnk - c:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\RivaTunerWrapper.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\speedfan.lnk - c:\program files (x86)\speedfan\speedfan.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Add to Anti-Banner - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm
    IE: Convert link target to Adobe PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert to existing PDF - c:\program files (x86)\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
    AppInit_DLLs: c:\progra~2\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~2\kasper~1\kasper~1\sbhook.dll acaptuser32.dll
    BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\ievkbd.dll
    BHO-X64: IEVkbdBHO - No File
    BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\klwtbbho.dll
    BHO-X64: link filter bho - No File
    TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun-x64: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
    mRun-x64: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
    mRun-x64: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
    mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
    mRun-x64: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
    AppInit_DLLs-X64: c:\progra~2\kasper~1\kasper~1\x64\sbhook64.dll,c:\progra~2\kasper~1\kasper~1\x64\kloehk.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\jonath~1\appdata\roaming\mozilla\firefox\profiles\cu5ng713.default\
    FF - prefs.js: browser.startup.homepage - hxxp://nissan.promo.eprize.com/nismo/
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\users\jonathan wu\appdata\roaming\mozilla\firefox\profiles\cu5ng713.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
    FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll
    FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dvstreaming.dll
    FF - plugin: c:\program files (x86)\quicktime\plugins\npqtplugin8.dll
    FF - plugin: c:\users\jonathan wu\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\users\jonathan wu\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

    ---- FIREFOX POLICIES ----
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
  6. ryukensfj

    DDS.txt continued

    ============= SERVICES / DRIVERS ===============

    R0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 40464]
    R0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\drivers\mv91cons.sys [2009-10-26 22568]
    R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2010-6-16 25312]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 27152]
    R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AVP;Kaspersky Internet Security;c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\avp.exe [2009-10-20 340520]
    R2 Marvell RAID;Marvell RAID Event Agent;c:\program files (x86)\marvell\raid\svc\mvraidsvc.exe [2010-3-7 235560]
    R2 MRUWebService;MRU Web Service;c:\program files (x86)\marvell\raid\apache2\bin\httpd.exe [2008-6-12 24635]
    R2 StarWindServiceAE;StarWind AE Service;c:\program files (x86)\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\tomtom home 2\TomTomHOMEService.exe [2010-6-24 92008]
    R2 WSWNDA3100;WSWNDA3100;c:\program files (x86)\netgear\wnda3100v2\WifiSvc.exe [2010-6-20 278528]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 21008]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\drivers\lvpopf64.sys [2007-5-11 1361952]
    R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-5-11 50208]
    R3 LVUVC64;Logitech QuickCam Pro 5000(UVC);c:\windows\system32\drivers\lvuvc64.sys [2007-5-11 3612704]
    R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2009-9-25 73728]
    R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2009-9-25 178688]
    R3 RivaTuner64;RivaTuner64;c:\program files (x86)\rivatuner v2.24 msi master overclocking arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2010-2-3 239616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh664.sys [2010-6-16 838136]
    S3 MRV6X64U;Marvell TOPDOG 802.11n WLAN Driver for Vista x64 (USB8x);c:\windows\system32\drivers\WN111x.sys [2007-10-28 340480]
    S3 N5SG;Airlink101 SuperG Wireless Network Adapter Service;c:\windows\system32\drivers\N5SG.sys [2010-5-17 659488]
    S3 netr7364;Belkin Wireless 54G USB Network Adapter Driver;c:\windows\system32\drivers\netr7364.sys [2010-6-7 716800]
    S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-10-16 50176]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-24 1255736]

    =============== Created Last 30 ================

    2010-09-01 22:13:56 861184 ----a-w- c:\windows\system32\oleaut32.dll
    2010-09-01 22:13:56 571904 ----a-w- c:\windows\syswow64\oleaut32.dll
    2010-08-31 22:20:26 0 d-----w- c:\programdata\NVIDIA Corporation
    2010-08-31 02:06:51 0 d-----w- c:\programdata\Spybot - Search & Destroy
    2010-08-31 02:06:51 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2010-08-26 02:41:51 0 d-----w- c:\users\jonath~1\appdata\roaming\saltwater
    2010-08-26 01:14:39 0 d-----w- c:\program files (x86)\Power Mp3 Cutter(Mp3 Sound Cutter)
    2010-08-26 01:09:05 352256 ----a-w- c:\windows\syswow64\eSellerateEngine.dll
    2010-08-24 06:34:56 92160 ----a-w- c:\windows\system32\drivers\ser2pl64.sys
    2010-08-22 21:07:21 153376 ----a-w- c:\windows\syswow64\javaws.exe
    2010-08-22 21:07:21 145184 ----a-w- c:\windows\syswow64\javaw.exe
    2010-08-22 21:07:21 145184 ----a-w- c:\windows\syswow64\java.exe
    2010-08-13 19:03:18 65536 --sha-w- c:\users\jonathan wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TM.blf
    2010-08-13 19:03:18 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    2010-08-13 19:03:18 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    2010-08-13 18:51:26 65536 --sha-w- c:\users\jonathan wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TM.blf
    2010-08-13 18:51:26 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    2010-08-13 18:51:26 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    2010-08-09 12:23:48 65536 --sha-w- c:\users\jonathan wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TM.blf
    2010-08-09 12:23:48 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    2010-08-09 12:23:48 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    2010-08-09 11:32:21 65536 --sha-w- c:\users\jonathan wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TM.blf
    2010-08-09 11:32:21 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000002.regtrans-ms
    2010-08-09 11:32:21 524288 --sha-w- c:\users\jonathan wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000001.regtrans-ms

    ==================== Find3M ====================

    2010-09-01 23:47:40 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-08-13 19:03:47 149773 ----a-w- c:\windows\system32\drivers\klin.dat
    2010-08-13 19:03:47 106765 ----a-w- c:\windows\system32\drivers\klick.dat
    2010-07-17 12:00:04 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
    2010-07-09 23:27:02 61032 ----a-w- c:\windows\system32\nvshext.dll
    2010-07-09 23:27:02 159336 ----a-w- c:\windows\system32\nvvsvc.exe
    2010-07-09 23:27:02 1585256 ----a-w- c:\windows\system32\nvsvc64.dll
    2010-07-09 23:27:02 15314024 ----a-w- c:\windows\system32\nvcpl.dll
    2010-07-09 23:27:02 116328 ----a-w- c:\windows\system32\nvmctray.dll
    2010-07-07 20:46:54 660072 ----a-w- c:\windows\system32\nvuninst.exe
    2010-06-07 23:56:03 305152 ----a-w- c:\windows\system32\RaCoInstx.dll
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2007-11-30 21:14:02 315392 ----a-w- c:\windows\inf\wn111\InstProtocol.exe
    2007-10-29 03:22:32 340480 ----a-w- c:\windows\inf\wn111\WN111x.sys
    2007-10-29 03:21:54 310016 ----a-w- c:\windows\inf\wn111\WN111.sys
    2007-09-11 10:23:46 18944 ----a-w- c:\windows\inf\wn111\mrv64drv.sys
    2007-09-11 10:23:46 15360 ----a-w- c:\windows\inf\wn111\mrveap32.sys
    2007-05-24 21:58:00 249856 ----a-w- c:\windows\inf\wn111\InsDrv2k.exe
    2006-07-05 18:21:50 212992 ----a-w- c:\windows\inf\wn111\CopyWHQLDriver.exe
    2005-11-17 22:46:24 845736 ----a-w- c:\windows\inf\wn111\DPInst.exe
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2010-01-22 08:00:01 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 22:24:31.41 ===============
  7. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Attach.txt

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/22/2005 4:12:57 PM
    System Uptime: 8/31/2010 4:09:29 PM (5 hours ago)

    Motherboard: Dell Inc. | | 0J8885
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 70 GiB total, 11.439 GiB free.
    D: is CDROM ()
    G: is FIXED (NTFS) - 466 GiB total, 393.502 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
    Description: Zune Bus Root Bus Enumerator
    Device ID: ROOT\SYSTEM\0004
    Manufacturer: Microsoft
    Name: Zune Bus Root Bus Enumerator
    PNP Device ID: ROOT\SYSTEM\0004
    Service: zumbus

    ==== System Restore Points ===================

    RP1: 8/22/2010 4:17:03 PM - System Checkpoint
    RP2: 8/23/2010 1:20:31 AM - Software Distribution Service 3.0
    RP3: 8/24/2010 12:53:20 AM - Software Distribution Service 3.0
    RP4: 8/25/2010 10:13:56 PM - Scan
    RP5: 8/26/2010 1:00:51 PM - Software Distribution Service 3.0
    RP6: 8/26/2010 6:00:43 PM - Software Distribution Service 3.0
    RP7: 8/26/2010 10:12:35 PM - Software Distribution Service 3.0
    RP8: 8/28/2010 11:32:29 PM - System Checkpoint
    RP9: 8/30/2010 12:33:35 AM - System Checkpoint
    RP10: 8/30/2010 1:16:14 AM - Software Distribution Service 3.0
    RP11: 8/30/2010 11:11:41 PM - Software Distribution Service 3.0
    RP12: 8/30/2010 11:28:03 PM - New idea
    RP13: 8/31/2010 3:37:04 PM - HiJackthis(wilder)
    RP14: 8/31/2010 8:52:23 PM - Removed Logitech Desktop Messenger

    ==== Installed Programs ======================

    Sansa Media Converter
    ABBYY FineReader 6.0 Sprint
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop CS
    Adobe Reader 9.3.4
    Adobe Shockwave Player 11.5
    Adobe® Photoshop® Album Starter Edition 3.2
    Advanced SystemCare 3
    AGEIA PhysX v7.09.13
    Alt-Tab Task Switcher Powertoy for Windows XP
    AM-DeadLink 3.1
    AmbiCom WL11-SD for Windows Mobile
    AOLIcon
    AppAway 1.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoImpression 6
    ArcSoft Print Creations
    Argali White & Yellow
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Control Panel
    ATI Display Driver
    AudibleManager
    Auslogics Disk Defrag
    AVI Splitter
    Avira AntiVir Personal - Free Antivirus
    Barnes & Noble Desktop Reader
    BitPim 1.0.1
    Blue Coat® K9 Web Protection 4.0.296
    Blue Squirrel ClickBook 11
    BlueBlitz MagicBeamer Demo
    BlueSoleil
    Bonjour
    Browser Defender 2.0.6.15
    Calculator Powertoy for Windows XP
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon G.726 WMP-Decoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities EOS Utility
    Canon Utilities MyCamera
    Canon Utilities MyCamera DC
    Canon Utilities PhotoStitch
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center HydraVision Full
    Catalyst Control Center Localization All
    ccc-core-preinstall
    ccc-core-static
    ccc-utility
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CDDRV_Installer
    Comcast PhotoShow Deluxe 4
    Compatibility Pack for the 2007 Office system
    Creative MediaSource
    Creative Removable Disk Manager
    Creative System Information
    Creative ZEN
    Creative Zen Vision M
    Cryptainer Drivers
    Cryptainer LE
    CutePDF Writer 2.7
    DataPilot
    DataPilot USB Driver Pack
    Debut Video Capture Software
    Dell Digital Jukebox Driver
    Dell Support Center (Support Software)
    DellSupport
    Disk Space Finder
    DivX Codec
    DivX Content Uploader
    DivX Converter
    DivX Player
    DivX Web Player
    e-Sword
    eMedia Beginner Guitar Lessons
    EPSON CX9400 User's Guide
    EPSON Printer Software
    EPSON Scan
    EPSON Stylus CX9400Fax Series Scanner Driver Update
    EPSON Web-To-Page
    Eraser
    ESET Online Scanner v3
    Express Scribe
    File Shredder 2.0
    FlashLynx Video Download Software
    Folder Size for Windows
    FormatFactory 2.30
    Freelang Dictionary (wordlist)
    Freelang Dictionary 3.74 beta
    FreeUndelete
    Full Tilt Poker
    G-Force
    getPlus(R)_ocx
    GIMP 2.6.8
    GiPo@MoveOnBoot 1.9.5
    Golden Records Vinyl to CD Converter
    Google Earth
    Google Update Helper
    Graboid Video 1.5
    Guitar Praise
    HelloWorld Spanish Verb Conjugator V2.0
    HiJackThis
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB932716-v2)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HTML Slideshow Powertoy for Windows XP
    IE Privacy Keeper
    Inspector Parker
    Intel(R) 537EP V9x DF PCI Modem
    Intel(R) PRO Network Connections Software v9.2.4.11
    Intel(R) PROSafe for Wired Connections
    Internet Explorer Default Page
    IrfanView (remove only)
    iTunes
    IZArc 3.81
    JAP
    Jasc Paint Shop Photo Album 5
    Jasc Paint Shop Pro Studio, Dell Editon
    Java Auto Updater
    Java(TM) 6 Update 21
    Jawbreaker
    K-Lite Codec Pack 4.9.5 (Full)
    Keylogger Hunter 2.1
    KhalInstallWrapper
    KhalSetup
    Korean Fonts Support For Adobe Reader 9
    Learn2 Player (Uninstall Only)
    LG USB Modem driver
    LimeWire 4.18.8
    Logitech SetPoint
    Macromedia Flash Player
    Magic ISO Maker v5.4 (build 0251)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Converter Pack
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Edition 2003
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Reader for Pocket PC
    Microsoft Silverlight
    Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft WinUsb 1.0
    Microsoft Works 6-9 Converter
    MOBILedit! 2.2
    Modem Event Monitor
    Modem Helper
    Modem On Hold
    Move Networks Media Player for Internet Explorer
    Mozilla ActiveX Control v1.7.12
    Mozilla Firefox (3.6.8)
    MP3 Player Recovery Tool
    MP3MyMP3 3.0
    MPlugin_USA
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0
    MSXML 6 Service Pack 2 (KB973686)
    Musicmatch for Windows Media Player
    MyDefrag v4.3.1
    NCH Toolbox
    Ocean - Research Library
    OpenOffice.org 2.3
    Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
    OverDrive Media Console
    Paint.NET v3.5.5
    Panda ActiveScan 2.0
    PDF reDirect (remove only)
    Photodex Presenter
    Picasa 3
    PitchPerfect Musical Instrument Tuner
    Pocket e-Sword (2005)
    PowerDVD 5.5
    PrimoPDF
    Project64 1.6
    Python 3.1.2
    QuickTime
    RawShooter essentials 2006
    Real Alternative 1.43
    RecordPad Sound Recorder
    Rhapsody
    Rhapsody Player Engine
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Sibelius Scorch (Firefox, Opera, Netscape only)
    Skins
    Smart Defrag
    SNOCAP MyStore Download Manager
    SoftSkies
    Sonic DLA
    Sonic Encoders
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sony Media Manager 2.2
    Sothink HTML Editor 2.5
    SoulSeek Client 156c
    Spybot - Search & Destroy
    Spyware Doctor 7.0
    StoryHarp version 1.32
    SUPERAntiSpyware
    SWF Opener
    TBS WMP Plug-in
    TempoPerfect
    The Weather Channel Desktop 6
    Timez Attack
    Trillian
    Tweak UI
    TypingMaster Pro
    TypingMaster TypingTest
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    VideoLAN VLC media player 0.8.6d
    VideoPad Video Editor
    ViewSonic Monitor Drivers
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Vuze
    WavePad Sound Editor
    WebCyberCoach 3.2 Dell
    WebFldrs XP
    Windows Genuine Advantage v1.3.0254.0
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows Presentation Foundation
    Windows Resource Kit Tools - SubInAcl.exe
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinPatrol 2008
    Xilisoft Video Converter 3
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! BrowserPlus 2.9.8
    ZENcast Organizer
    Zune Language Pack (ES)

    ==== Event Viewer Messages From Past Week ========

    8/31/2010 2:26:20 PM, information: Windows File Protection [64021] - The system file c:\program files\windows media player\mplayer2.exe could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
    8/31/2010 2:26:20 PM, information: Windows File Protection [64018] - Windows File Protection file scan was cancelled by user interaction, user name is Family.
    8/31/2010 2:20:12 PM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
    8/28/2010 7:11:54 PM, error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: The system cannot find the file specified.
    8/28/2010 7:11:54 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: The system cannot find the file specified.
    8/27/2010 9:34:02 PM, error: Service Control Manager [7034] - The IS360service service terminated unexpectedly. It has done this 1 time(s).
    8/26/2010 7:33:35 PM, error: VolSnap [25] - The shadow copy of volume C: was aborted because the diff area file could not grow in time. Consider reducing the IO load on this system to avoid this problem in the future.
    8/26/2010 7:32:03 PM, error: VolSnap [12] - The shadow copy of volume C: became low on diff area space before it was properly installed.
    8/26/2010 7:23:26 PM, error: Service Control Manager [7031] - The Avira AntiVir Guard service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    8/26/2010 6:24:40 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
    8/26/2010 1:02:11 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB982926).
    8/24/2010 3:54:50 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the JavaQuickStarterService service.
    8/24/2010 3:53:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
    8/24/2010 3:53:04 PM, error: Service Control Manager [7024] - The Media Center Extender Service service terminated with service-specific error 2147500037 (0x80004005).
    8/24/2010 3:53:04 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed to start due to the following error: The system cannot find the file specified.
    8/24/2010 3:53:04 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
    8/24/2010 3:53:04 PM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The system cannot find the path specified.
    8/24/2010 3:53:04 PM, error: Service Control Manager [7000] - The IS360service service failed to start due to the following error: The system cannot find the path specified.
    8/24/2010 12:53:32 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Update for Windows Server 2003 and Windows XP x86 (KB982524).
    8/24/2010 12:53:27 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update to .NET Framework 3.5 Service Pack 1 for the .NET Framework Assistant 1.0 x86 (KB963707).

    ==== End Of File ===========================
  8. Broni

    Broni Malware Annihilator Posts: 45,208   +243

    Download MBRCheck to your desktop.

    Double-click MBRCheck.exe to run (Vista and Windows 7 users, right-click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop.
    Open this report and post its content in your next reply.

    ======================================================================

    Download OTL to your Desktop.

    • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  9. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    MBRcheck

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Ultimate Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Gigabyte Technology Co., Ltd.
    BIOS Manufacturer: Award Software International, Inc.
    System Manufacturer: Gigabyte Technology Co., Ltd.
    System Product Name: P55A-UD3
    Logical Drives Mask: 0x0000007c

    Kernel Drivers (total 177):
    0x03065000 \SystemRoot\system32\ntoskrnl.exe
    0x0301C000 \SystemRoot\system32\hal.dll
    0x00BBC000 \SystemRoot\system32\kdcom.dll
    0x00C81000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x00CC5000 \SystemRoot\system32\PSHED.dll
    0x00CD9000 \SystemRoot\system32\CLFS.SYS
    0x00D37000 \SystemRoot\system32\CI.dll
    0x00EFF000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x00FA3000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x01058000 \SystemRoot\System32\Drivers\spxx.sys
    0x0118C000 \SystemRoot\System32\Drivers\WMILIB.SYS
    0x01195000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
    0x01000000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x011C4000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x011CE000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x00FB2000 \SystemRoot\system32\DRIVERS\pci.sys
    0x011DB000 \SystemRoot\System32\drivers\partmgr.sys
    0x00FE5000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
    0x011F0000 \SystemRoot\system32\DRIVERS\pciide.sys
    0x00E5C000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x00E6C000 \SystemRoot\system32\DRIVERS\mv91cons.sys
    0x00E76000 \SystemRoot\System32\drivers\mountmgr.sys
    0x011F7000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x00E90000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x00EBA000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x00C00000 \SystemRoot\system32\drivers\fltmgr.sys
    0x00EC5000 \SystemRoot\system32\drivers\fileinfo.sys
    0x01259000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x0146E000 \SystemRoot\System32\Drivers\msrpc.sys
    0x014CC000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x014E6000 \SystemRoot\System32\Drivers\cng.sys
    0x01559000 \SystemRoot\System32\drivers\pcw.sys
    0x0156A000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x0166A000 \SystemRoot\system32\drivers\ndis.sys
    0x0175C000 \SystemRoot\system32\drivers\NETIO.SYS
    0x017BC000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x01803000 \SystemRoot\System32\drivers\tcpip.sys
    0x01600000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x0164A000 \SystemRoot\system32\DRIVERS\scmndisp.sys
    0x01654000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
    0x01574000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x017E7000 \SystemRoot\System32\Drivers\spldr.sys
    0x017EF000 \SystemRoot\SysWOW64\speedfan.sys
    0x015C0000 \SystemRoot\System32\drivers\rdyboost.sys
    0x01400000 \SystemRoot\System32\Drivers\mup.sys
    0x01412000 \SystemRoot\system32\DRIVERS\klbg.sys
    0x017F6000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x01420000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x01200000 \SystemRoot\system32\DRIVERS\disk.sys
    0x01216000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x00C4C000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x02CBD000 \SystemRoot\system32\DRIVERS\klif.sys
    0x02D1A000 \SystemRoot\System32\Drivers\Null.SYS
    0x02D23000 \SystemRoot\System32\Drivers\Beep.SYS
    0x02D2A000 \SystemRoot\System32\drivers\vga.sys
    0x02D38000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x02D5D000 \SystemRoot\System32\drivers\watchdog.sys
    0x02D6D000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x02D76000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x02D7F000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x02D88000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x02D93000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x02DA4000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x02DC2000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x040AA000 \SystemRoot\system32\DRIVERS\kl1.sys
    0x04000000 \SystemRoot\system32\drivers\afd.sys
    0x02C00000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x0408A000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x045D3000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x04093000 \SystemRoot\system32\DRIVERS\klim6.sys
    0x02C45000 \SystemRoot\system32\DRIVERS\vpcnfltr.sys
    0x02C59000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x02C6F000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x02C7E000 \SystemRoot\system32\DRIVERS\serial.sys
    0x02C9B000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x0485A000 \SystemRoot\system32\drivers\vpcvmm.sys
    0x048B1000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x048C5000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x04916000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x04922000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x0492D000 \SystemRoot\System32\drivers\discache.sys
    0x0493C000 \SystemRoot\system32\drivers\csc.sys
    0x049BF000 \SystemRoot\System32\Drivers\dfsc.sys
    0x049DD000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x04800000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x04826000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x0FE1B000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    0x10AAD000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
    0x10AAF000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x10BA3000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x10BE9000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x04A4C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x04AA2000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x04AB3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x04AD7000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
    0x04B16000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
    0x04B46000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x04B48000 \SystemRoot\system32\DRIVERS\fdc.sys
    0x04B55000 \SystemRoot\system32\DRIVERS\serenum.sys
    0x04B61000 \SystemRoot\system32\DRIVERS\parport.sys
    0x04B7E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x04B8B000 \SystemRoot\System32\Drivers\ayy8fygu.SYS
    0x04BCD000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x04BDD000 \SystemRoot\system32\DRIVERS\vncmirror.sys
    0x04BE4000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x04A00000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x04A24000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x02DCF000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x04A30000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x04E87000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x04EA8000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x04EC2000 \SystemRoot\system32\DRIVERS\tap0901.sys
    0x04ECF000 \SystemRoot\System32\Drivers\pcouffin.sys
    0x04EE4000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x04EEF000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x04EFE000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x04F6F000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x04F71000 \SystemRoot\system32\DRIVERS\ks.sys
    0x04FB4000 \SystemRoot\system32\drivers\LGBusEnum.sys
    0x04FB8000 \SystemRoot\system32\drivers\WmBEnum.sys
    0x04FBD000 \SystemRoot\system32\drivers\WmXlCore.sys
    0x04FCF000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x04FE1000 \SystemRoot\system32\DRIVERS\vpcusb.sys
    0x04E00000 \SystemRoot\system32\DRIVERS\usbrpm.sys
    0x04E0F000 \SystemRoot\system32\DRIVERS\vpchbus.sys
    0x04F0D000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x04E4B000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
    0x04E61000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x0640A000 \SystemRoot\system32\drivers\RTKVHD64.sys
    0x066E9000 \SystemRoot\system32\drivers\portcls.sys
    0x06726000 \SystemRoot\system32\drivers\drmk.sys
    0x06748000 \SystemRoot\system32\drivers\ksthunk.sys
    0x0674E000 \SystemRoot\System32\Drivers\LUsbFilt.Sys
    0x0675E000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x0676C000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x06785000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x0678E000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
    0x067A1000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x067AE000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
    0x067C2000 \SystemRoot\system32\DRIVERS\klmouflt.sys
    0x067CC000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x00090000 \SystemRoot\System32\win32k.sys
    0x0236F000 \SystemRoot\System32\drivers\Dxapi.sys
    0x0237B000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x02389000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x02397000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x023A3000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0x023AC000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x023BF000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x00500000 \SystemRoot\System32\TSDDD.dll
    0x00790000 \SystemRoot\System32\cdd.dll
    0x023CD000 \SystemRoot\system32\drivers\luafv.sys
    0x0219B000 \SystemRoot\system32\drivers\WudfPf.sys
    0x021BC000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
    0x01E00000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x06600000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x01E15000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x06653000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x098B0000 \SystemRoot\system32\drivers\HTTP.sys
    0x09978000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x09996000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x099AE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x09800000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x0984E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x09C72000 \SystemRoot\system32\drivers\peauth.sys
    0x09D18000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x09D23000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x09D50000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x09D62000 \SystemRoot\System32\DRIVERS\srv2.sys
    0x0A034000 \SystemRoot\System32\DRIVERS\srv.sys
    0x0A13D000 \SystemRoot\system32\drivers\WmVirHid.sys
    0x0A140000 \SystemRoot\system32\drivers\LGVirHid.sys
    0x0A143000 \??\C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
    0x77AB0000 \Windows\System32\ntdll.dll
    0x475B0000 \Windows\System32\smss.exe
    0xFFDD0000 \Windows\System32\apisetschema.dll

    Processes (total 69):
    0 System Idle Process
    4 System
    400 C:\Windows\System32\smss.exe
    572 csrss.exe
    644 C:\Windows\System32\wininit.exe
    664 csrss.exe
    712 C:\Windows\System32\services.exe
    744 C:\Windows\System32\winlogon.exe
    780 C:\Windows\System32\lsass.exe
    788 C:\Windows\System32\lsm.exe
    908 C:\Windows\System32\svchost.exe
    980 C:\Windows\System32\nvvsvc.exe
    144 C:\Windows\System32\svchost.exe
    540 C:\Windows\System32\svchost.exe
    860 C:\Windows\System32\svchost.exe
    1060 C:\Windows\System32\svchost.exe
    1216 C:\Windows\System32\svchost.exe
    1316 C:\Windows\System32\nvvsvc.exe
    1356 WUDFHost.exe
    1436 WUDFHost.exe
    1504 C:\Windows\System32\svchost.exe
    1648 C:\Windows\System32\spoolsv.exe
    1684 C:\Windows\System32\svchost.exe
    1772 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1832 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    1876 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1932 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    1968 C:\Windows\System32\svchost.exe
    2012 C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    1352 C:\Windows\SysWOW64\PnkBstrA.exe
    1304 C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    2068 C:\Windows\System32\svchost.exe
    2104 C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    2144 C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    2652 C:\Windows\System32\taskhost.exe
    2768 C:\Windows\System32\dwm.exe
    2800 C:\Windows\explorer.exe
    2904 C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    1244 C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    2584 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    756 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    1656 C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    2764 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    3148 C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    3464 C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    3524 C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    3540 E:\my download files\G15SpeedFan-1.1.0\G15SpeedFan.exe
    3616 C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    4008 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    4028 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    4056 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    3344 C:\Program Files\Logitech\SetPoint\SetPoint.exe
    3368 C:\Program Files (x86)\SpeedFan\speedfan.exe
    3968 C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    3244 C:\Program Files\Common Files\logishrd\KHAL2\KHALMNPR.exe
    3248 WmiPrvSE.exe
    4140 taskhost.exe
    4564 C:\Windows\System32\svchost.exe
    4888 C:\Windows\System32\SearchIndexer.exe
    4612 C:\Windows\System32\svchost.exe
    4472 C:\Program Files\Windows Media Player\wmpnetwk.exe
    1176 C:\Program Files (x86)\AIM\aim.exe
    5044 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    5280 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    2164 C:\Windows\System32\SearchProtocolHost.exe
    5252 C:\Windows\System32\SearchFilterHost.exe
    3972 C:\Users\Jonathan Wu\Desktop\MBRCheck.exe
    3772 C:\Windows\System32\conhost.exe
    3192 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x0000001d`4c130200 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`007e0000 (NTFS)

    PhysicalDrive0 Model Number: WDCWD2500KS-00MJB0, Rev: 02.01C03
    PhysicalDrive1 Model Number: ST31000340AS, Rev: SD15

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
    931 GB \\.\PhysicalDrive1 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
  10. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    OTL.txt

    OTL logfile created on: 9/2/2010 1:40:08 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Jonathan Wu\Desktop
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
    16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 115.69 Gb Total Space | 29.50 Gb Free Space | 25.50% Space Free | Partition Type: NTFS
    Drive D: | 117.19 Gb Total Space | 72.72 Gb Free Space | 62.05% Space Free | Partition Type: NTFS
    Drive E: | 931.50 Gb Total Space | 222.15 Gb Free Space | 23.85% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: WIN7_I7
    Current User Name: Jonathan Wu
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/09/02 13:38:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathan Wu\Desktop\OTL.exe
    PRC - [2010/08/18 12:24:32 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    PRC - [2010/07/22 19:07:03 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    PRC - [2010/07/22 19:06:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2010/06/24 07:41:38 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2010/06/01 10:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    PRC - [2010/04/11 18:22:23 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/03/07 19:50:00 | 000,235,560 | ---- | M] () -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    PRC - [2009/12/01 10:38:47 | 003,951,976 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\AIM\aim.exe
    PRC - [2009/11/25 06:24:14 | 004,009,592 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
    PRC - [2009/11/17 21:01:30 | 000,194,224 | ---- | M] (Binary Fortress Software) -- E:\my download files\G15SpeedFan-1.1.0\G15SpeedFan.exe
    PRC - [2009/11/04 15:31:02 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    PRC - [2009/09/25 07:59:18 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    PRC - [2008/06/12 13:05:04 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    PRC - [2007/05/28 09:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/09/02 13:38:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathan Wu\Desktop\OTL.exe
    MOD - [2009/07/20 04:00:00 | 000,038,912 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\x86\lgscroll.dll
    MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
    MOD - [2009/06/10 14:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
    SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
    SRV:64bit: - [2009/07/13 18:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
    SRV:64bit: - [2009/07/13 18:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
    SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 18:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
    SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2008/06/12 11:48:26 | 002,609,016 | ---- | M] (RealVNC Ltd.) [On_Demand | Stopped] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
    SRV - [2010/08/18 12:24:32 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
    SRV - [2010/06/24 07:41:38 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2010/04/11 18:22:23 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/07 19:50:00 | 000,235,560 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID)
    SRV - [2009/12/11 16:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe -- (OpenVPNService)
    SRV - [2009/11/04 15:31:02 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100)
    SRV - [2009/06/30 10:28:28 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2008/06/12 13:05:04 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService)
    SRV - [2007/05/28 09:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
    SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
    SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mrv64drv.sys -- (Mrvleap)
    DRV:64bit: - File not found [File_System | Boot | Stopped] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
    DRV:64bit: - [2010/06/07 17:10:33 | 000,716,800 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
    DRV:64bit: - [2010/05/31 06:08:36 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2010/01/15 21:08:12 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
    DRV:64bit: - [2010/01/15 20:53:53 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
    DRV:64bit: - [2010/01/15 20:04:56 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2009/11/23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
    DRV:64bit: - [2009/11/23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
    DRV:64bit: - [2009/11/06 08:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
    DRV:64bit: - [2009/10/26 23:37:14 | 000,022,568 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
    DRV:64bit: - [2009/10/20 10:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
    DRV:64bit: - [2009/10/16 02:33:06 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2009/10/14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
    DRV:64bit: - [2009/10/02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
    DRV:64bit: - [2009/09/25 07:58:32 | 000,178,688 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2009/09/25 07:58:24 | 000,073,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2009/09/22 18:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
    DRV:64bit: - [2009/09/22 18:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
    DRV:64bit: - [2009/09/22 18:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
    DRV:64bit: - [2009/09/22 18:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
    DRV:64bit: - [2009/09/14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
    DRV:64bit: - [2009/09/11 12:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
    DRV:64bit: - [2009/09/11 12:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
    DRV:64bit: - [2009/09/11 12:48:58 | 000,036,872 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
    DRV:64bit: - [2009/09/11 12:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
    DRV:64bit: - [2009/09/11 12:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
    DRV:64bit: - [2009/09/01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
    DRV:64bit: - [2009/08/20 09:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 16:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
    DRV:64bit: - [2009/07/13 16:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
    DRV:64bit: - [2009/07/13 16:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
    DRV:64bit: - [2009/06/19 19:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/06/17 09:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
    DRV:64bit: - [2009/06/17 09:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
    DRV:64bit: - [2009/06/17 09:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
    DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 13:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/09/24 15:03:22 | 000,092,160 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
    DRV:64bit: - [2008/06/12 09:46:42 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vncmirror.sys -- (vncmirror)
    DRV:64bit: - [2007/10/28 20:22:32 | 000,340,480 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WN111x.sys -- (MRV6X64U) Marvell TOPDOG 802.11n WLAN Driver for Vista x64 (USB8x)
    DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV:64bit: - [2007/05/11 17:31:02 | 003,612,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 5000(UVC)
    DRV:64bit: - [2007/05/11 17:30:50 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV:64bit: - [2007/05/11 17:29:08 | 001,361,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
    DRV:64bit: - [2007/01/19 18:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
    DRV:64bit: - [2006/11/03 17:04:24 | 000,659,488 | ---- | M] (Atheros Communications, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N5SG.sys -- (N5SG)
  11. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    OTL.txt continued

    DRV - [2010/02/27 23:21:22 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
    DRV - [2007/09/11 03:23:46 | 000,018,944 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\mrv64drv.sys -- (Mrvleap)
    DRV - [2007/02/07 11:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 29 C7 F1 4D 4A CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://nissan.promo.eprize.com/nismo/"
    FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.69.1
    FF - prefs.js..network.proxy.type: 0

    FF - HKLM\software\mozilla\Firefox\Extensions\\citius@orbiscom: C:\Program Files (x86)\Virtual Account Numbers [2010/02/04 20:46:20 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/30 18:59:35 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/30 18:59:10 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/08/13 12:01:30 | 000,000,000 | ---D | M]

    [2010/01/15 21:46:15 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Extensions
    [2010/01/15 21:46:15 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2010/01/15 20:09:14 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/09/01 19:59:54 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Firefox\Profiles\cu5ng713.default\extensions
    [2010/04/04 19:37:31 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Firefox\Profiles\cu5ng713.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
    [2010/04/04 22:12:04 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Firefox\Profiles\cu5ng713.default\extensions\SkipScreen@SkipScreen
    [2010/08/30 23:07:46 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Mozilla\Firefox\Profiles\cu5ng713.default\extensions\support@lastpass.com
    [2010/08/30 18:59:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

    O1 HOSTS File: ([2010/08/30 19:20:29 | 000,416,980 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 14389 more lines...
    O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab)
    O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Virtual Account Numbers Helper) - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files (x86)\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Virtual Account Numbers) - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files (x86)\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.)
    O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
    O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
    O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL LLC)
    O4 - HKCU..\Run: [EPSON Stylus CX8400 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICEA.EXE File not found
    O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
    O4 - Startup: C:\Users\Jonathan Wu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RivaTuner.lnk = C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
    O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
    O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
    O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 10.61.32.1 1.1.1.1
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab)
    O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
    O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
    O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/01/20 14:27:21 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\Shell - "" = AutoRun
    O33 - MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\Shell\AutoRun\command - "" = H:\HPLauncher.exe -- File not found
    O33 - MountPoints2\H\Shell - "" = AutoRun
    O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\StartClickFreeBackup.exe -- File not found
    O33 - MountPoints2\I\Shell - "" = AutoRun
    O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\StartClickFreeBackup.exe -- File not found
    O33 - MountPoints2\J\Shell - "" = AutoRun
    O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\StartClickFreeBackup.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  12. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    OTL.txt continued

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: aux1 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: aux2 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: aux3 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: aux4 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi3 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi4 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
    Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer4 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
    Drivers32:64bit: MSVideo - vfwwdm32.dll (Microsoft Corporation)
    Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
    Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave3 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave4 - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
    Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: aux4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: mixer4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
    Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
    Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
    Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wave4 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/09/02 13:38:13 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Jonathan Wu\Desktop\OTL.exe
    [2010/09/01 20:57:35 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
    [2010/09/01 20:44:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jonathan Wu\Desktop\HijackThis.exe
    [2010/08/31 15:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
    [2010/08/31 15:02:12 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2010/08/31 15:02:12 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2010/08/30 19:20:19 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Local\Sunbelt Software
    [2010/08/30 19:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2010/08/30 19:06:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2010/08/30 18:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/08/30 10:52:22 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\attachments_2010_08_30
    [2010/08/25 19:41:51 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Roaming\saltwater
    [2010/08/25 18:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Power Mp3 Cutter(Mp3 Sound Cutter)
    [2010/08/25 18:09:05 | 000,352,256 | ---- | C] (eSellerate Inc.) -- C:\Windows\SysWow64\eSellerateEngine.dll
    [2010/08/24 02:49:30 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\VBChickBotV8.2
    [2010/08/23 23:34:56 | 000,092,160 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysNative\drivers\ser2pl64.sys
    [2010/08/22 14:07:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2010/08/09 04:49:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/08/07 13:58:20 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\KW V2s Upload
    [2010/08/07 13:38:00 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\Pro-Kit
    [2010/08/07 13:37:39 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\KW V2s
    [2010/08/05 03:43:30 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\Pete's Files
    [2010/08/01 11:43:03 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Local\Yahoo!
    [2010/08/01 11:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
    [2010/08/01 11:42:21 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Roaming\Yahoo!
    [2010/08/01 02:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
    [2010/07/30 14:51:07 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Roaming\IBMERS
    [2010/07/19 22:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2010/06/28 15:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitLord
    [2010/06/28 14:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PFPortChecker
    [2010/06/24 13:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HMA! Pro VPN
    [2010/06/21 14:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010/06/20 23:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QS
    [2010/06/20 23:36:45 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\AppData\Roaming\TeamViewer
    [2010/06/20 23:36:42 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\temp
    [2010/06/18 18:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
    [2010/06/18 18:07:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
    [2010/06/17 21:54:12 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Wu\Desktop\Jonathan Mazda 3
    [2010/06/16 18:37:10 | 000,026,112 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\vncmirror.dll
    [2010/06/16 18:37:10 | 000,004,608 | ---- | C] (RealVNC Ltd.) -- C:\Windows\SysNative\drivers\vncmirror.sys
    [2010/06/16 18:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\RealVNC
    [2010/06/16 17:47:41 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
    [2010/06/16 17:47:41 | 000,025,312 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\SCMNdisP.sys
    [2010/06/16 17:47:40 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\Packet.dll
    [2010/06/16 17:47:40 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
    [2010/06/07 17:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
    [2010/06/07 17:11:49 | 000,716,800 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr7364.sys
    [2010/06/07 16:57:23 | 000,305,152 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
    [2010/01/15 20:53:53 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Jonathan Wu\AppData\Roaming\pcouffin.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/09/02 13:46:59 | 006,553,600 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat
    [2010/09/02 13:38:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathan Wu\Desktop\OTL.exe
    [2010/09/02 13:02:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264962670-927182372-1804427768-1001UA.job
    [2010/09/02 00:01:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264962670-927182372-1804427768-1001Core.job
    [2010/09/01 22:49:17 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 22:49:17 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/01 20:44:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jonathan Wu\Desktop\HijackThis.exe
    [2010/09/01 20:30:20 | 003,830,204 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\ComboFix.exe
    [2010/09/01 16:48:10 | 000,018,176 | ---- | M] () -- C:\Windows\za_mv_raid.ev
    [2010/09/01 16:48:10 | 000,000,096 | ---- | M] () -- C:\Windows\za_mv_seqnum.ev
    [2010/09/01 16:48:07 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat
    [2010/09/01 16:47:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/01 16:47:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/01 16:47:40 | 2143,936,511 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/01 16:47:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
    [2010/09/01 15:43:32 | 001,433,641 | -H-- | M] () -- C:\Users\Jonathan Wu\AppData\Local\IconCache.db
    [2010/08/31 15:32:56 | 000,001,299 | ---- | M] () -- C:\Users\Jonathan Wu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RivaTuner.lnk
    [2010/08/31 03:48:08 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2010/08/30 19:20:29 | 000,416,980 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2010/08/30 18:53:34 | 000,002,284 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100830_185331.reg
    [2010/08/29 18:49:04 | 000,006,046 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100829_184821.reg
    [2010/08/26 18:42:28 | 000,009,973 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Lotto.xlsx
    [2010/08/23 23:51:07 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/08/23 23:51:07 | 000,628,436 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/08/23 23:51:07 | 000,107,742 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/08/23 14:04:39 | 000,107,203 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Change_of_Schedule_Form.pdf
    [2010/08/19 15:24:14 | 000,485,209 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\IMG00040-20100819-1442.jpg
    [2010/08/16 17:13:45 | 000,175,872 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\DSCF7717.jpg
    [2010/08/16 15:12:38 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\HMA! Pro VPN.lnk
    [2010/08/14 00:55:47 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/14 00:55:47 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/14 00:55:47 | 000,065,536 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TM.blf
    [2010/08/13 12:14:22 | 000,001,159 | ---- | M] () -- C:\Users\Jonathan Wu\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2010/08/13 12:03:47 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
    [2010/08/13 12:03:47 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
    [2010/08/13 11:56:11 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/13 11:56:11 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/13 11:56:11 | 000,065,536 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TM.blf
    [2010/08/09 05:35:02 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/09 05:35:02 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/09 05:35:02 | 000,065,536 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TM.blf
    [2010/08/09 04:42:57 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/09 04:42:57 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/09 04:42:57 | 000,065,536 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TM.blf
    [2010/07/29 16:49:38 | 000,078,551 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\COR-6087 (US).pdf
    [2010/07/22 14:23:48 | 003,097,319 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Jonathan's Form.jpg
    [2010/07/21 18:06:42 | 000,178,176 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\KWContestWinner.doc
    [2010/07/17 00:22:21 | 000,001,730 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100717_002217.reg
    [2010/07/12 16:58:19 | 000,133,614 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\carshow_2010.pdf
    [2010/07/11 21:46:50 | 000,244,167 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Flashlight_full_big.jpg
    [2010/07/11 21:43:18 | 000,780,416 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\flashlight_full.jpg
    [2010/07/11 21:35:41 | 000,046,001 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\flash_c.jpg
    [2010/07/09 15:38:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2010/07/09 15:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2010/07/09 15:38:00 | 000,012,264 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
    [2010/07/09 13:18:36 | 004,570,608 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Spirit.exe
    [2010/07/08 23:52:12 | 000,063,752 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\Capture.JPG
    [2010/07/07 22:05:00 | 277,794,671 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\iPod2,1_3.1.2_7D11_Restore.ipsw
    [2010/07/07 21:58:05 | 000,608,256 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\blackra1n.exe
    [2010/06/28 15:18:39 | 000,001,003 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\BitLord.lnk
    [2010/06/28 13:46:18 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
    [2010/06/28 12:04:42 | 000,001,336 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100628_120439.reg
    [2010/06/24 03:22:40 | 000,000,651 | ---- | M] () -- C:\Users\Jonathan Wu\Desktop\utorrent.ini
    [2010/06/22 23:30:06 | 000,001,234 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100622_232945.reg
    [2010/06/20 18:10:29 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/20 18:10:29 | 000,524,288 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/06/20 18:10:29 | 000,065,536 | -HS- | M] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TM.blf
    [2010/06/18 18:26:01 | 000,022,924 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100618_182545.reg
    [2010/06/18 18:25:34 | 000,000,082 | ---- | M] () -- C:\Users\Jonathan Wu\Documents\cc_20100618_182530.reg
    [2010/06/16 23:33:34 | 000,413,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/06/16 17:50:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
    [2010/06/16 17:47:40 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Smart Wizard.lnk
    [2010/06/07 17:49:16 | 000,000,127 | ---- | M] () -- C:\Windows\zraidtray.ini
    [2010/06/07 17:41:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\mvcli.ini
    [2010/06/07 17:41:05 | 000,050,360 | ---- | M] () -- C:\Windows\php.ini
    [2010/06/07 17:10:33 | 000,716,800 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr7364.sys
    [2010/06/07 16:56:03 | 000,305,152 | ---- | M] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  13. ryukensfj


    OTL.txt continued

    ========== Files Created - No Company Name ==========

    [2010/09/01 20:30:05 | 003,830,204 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\ComboFix.exe
    [2010/08/31 15:02:12 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
    [2010/08/31 03:48:06 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2010/08/30 18:53:33 | 000,002,284 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100830_185331.reg
    [2010/08/29 18:48:38 | 000,006,046 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100829_184821.reg
    [2010/08/26 18:19:20 | 000,009,973 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Lotto.xlsx
    [2010/08/23 12:33:56 | 000,107,203 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Change_of_Schedule_Form.pdf
    [2010/08/19 15:24:34 | 000,485,209 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\IMG00040-20100819-1442.jpg
    [2010/08/16 17:13:44 | 000,175,872 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\DSCF7717.jpg
    [2010/08/13 12:14:22 | 000,001,159 | ---- | C] () -- C:\Users\Jonathan Wu\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
    [2010/08/13 12:03:18 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/13 12:03:18 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/13 12:03:18 | 000,065,536 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{b935d5da-a70b-11df-aeda-6cf04902f6e9}.TM.blf
    [2010/08/13 11:51:26 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/13 11:51:26 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/13 11:51:26 | 000,065,536 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{26e002d7-a708-11df-a6d5-6cf04902f6e9}.TM.blf
    [2010/08/09 05:23:48 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/09 05:23:48 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/09 05:23:48 | 000,065,536 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{0b9330cb-a3af-11df-bbca-6cf04902f6e9}.TM.blf
    [2010/08/09 04:32:21 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000002.regtrans-ms
    [2010/08/09 04:32:21 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TMContainer00000000000000000001.regtrans-ms
    [2010/08/09 04:32:21 | 000,065,536 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{5eb5b54b-a3a8-11df-b730-e609a8fa427d}.TM.blf
    [2010/07/29 16:49:38 | 000,078,551 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\COR-6087 (US).pdf
    [2010/07/22 14:32:17 | 003,097,319 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Jonathan's Form.jpg
    [2010/07/21 18:06:36 | 000,178,176 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\KWContestWinner.doc
    [2010/07/17 00:22:19 | 000,001,730 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100717_002217.reg
    [2010/07/12 16:44:12 | 000,133,614 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\carshow_2010.pdf
    [2010/07/11 21:46:48 | 000,244,167 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Flashlight_full_big.jpg
    [2010/07/11 21:43:12 | 000,780,416 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\flashlight_full.jpg
    [2010/07/11 21:35:39 | 000,046,001 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\flash_c.jpg
    [2010/07/09 13:07:12 | 004,570,608 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Spirit.exe
    [2010/07/08 23:52:11 | 000,063,752 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\Capture.JPG
    [2010/07/07 22:00:05 | 277,794,671 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\iPod2,1_3.1.2_7D11_Restore.ipsw
    [2010/07/07 21:58:05 | 000,608,256 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\blackra1n.exe
    [2010/06/28 15:18:39 | 000,001,003 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\BitLord.lnk
    [2010/06/28 13:46:18 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
    [2010/06/28 12:04:41 | 000,001,336 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100628_120439.reg
    [2010/06/24 13:20:00 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\HMA! Pro VPN.lnk
    [2010/06/24 03:20:30 | 000,000,651 | ---- | C] () -- C:\Users\Jonathan Wu\Desktop\utorrent.ini
    [2010/06/22 23:29:49 | 000,001,234 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100622_232945.reg
    [2010/06/20 13:23:45 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TMContainer00000000000000000002.regtrans-ms
    [2010/06/20 13:23:45 | 000,524,288 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TMContainer00000000000000000001.regtrans-ms
    [2010/06/20 13:23:45 | 000,065,536 | -HS- | C] () -- C:\Users\Jonathan Wu\ntuser.dat{d7262513-7ca7-11df-8be4-6cf04902f6e9}.TM.blf
    [2010/06/18 18:25:47 | 000,022,924 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100618_182545.reg
    [2010/06/18 18:25:34 | 000,000,082 | ---- | C] () -- C:\Users\Jonathan Wu\Documents\cc_20100618_182530.reg
    [2010/06/16 17:50:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
    [2010/06/16 17:47:41 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
    [2010/06/16 17:47:40 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Smart Wizard.lnk
    [2010/06/07 17:41:37 | 000,018,176 | ---- | C] () -- C:\Windows\za_mv_raid.ev
    [2010/06/07 17:41:37 | 000,000,096 | ---- | C] () -- C:\Windows\za_mv_seqnum.ev
    [2010/06/07 17:41:34 | 000,000,008 | ---- | C] () -- C:\Windows\mvraidver.dat
    [2010/06/07 17:41:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mvcli.ini
    [2010/06/07 17:11:49 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\UpdateDriver.exe
    [2010/06/07 17:11:49 | 000,005,224 | ---- | C] () -- C:\Windows\SysWow64\ucuiinfo.ini
    [2010/03/31 22:21:03 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
    [2010/02/12 19:11:56 | 000,000,163 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\PLGComp.ini
    [2010/02/03 18:05:11 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
    [2010/02/02 22:59:18 | 000,000,600 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Local\PUTTY.RND
    [2010/02/02 22:43:51 | 000,000,600 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\winscp.rnd
    [2010/01/25 12:55:15 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/01/16 12:48:18 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\IlmImf.dll
    [2010/01/16 12:48:18 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Photomatix_jpg.dll
    [2010/01/16 12:48:18 | 000,353,280 | ---- | C] () -- C:\Windows\SysWow64\pmtf2.dll
    [2010/01/16 12:48:18 | 000,266,240 | ---- | C] () -- C:\Windows\SysWow64\Photomatix25Lib.dll
    [2010/01/16 12:48:18 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\Photomatix25Lib2.dll
    [2010/01/16 12:48:18 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\pmtf1.dll
    [2010/01/16 12:48:18 | 000,204,288 | ---- | C] () -- C:\Windows\SysWow64\pmtf3.dll
    [2010/01/16 12:48:18 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\Photomatix25Lib3.dll
    [2010/01/16 12:48:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pmexr.dll
    [2010/01/16 12:48:18 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmbm.dll
    [2010/01/15 20:54:07 | 000,000,034 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\pcouffin.log
    [2010/01/15 20:53:53 | 000,099,384 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\inst.exe
    [2010/01/15 20:53:53 | 000,007,859 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\pcouffin.cat
    [2010/01/15 20:53:53 | 000,001,167 | ---- | C] () -- C:\Users\Jonathan Wu\AppData\Roaming\pcouffin.inf
    [2009/09/29 18:44:52 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
    [2009/09/29 02:18:02 | 000,050,360 | ---- | C] () -- C:\Windows\php.ini
    [2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2004/01/30 09:37:50 | 000,000,092 | R--- | C] () -- C:\Windows\SysWow64\FTDIUN2K.INI
    [2002/03/01 14:43:34 | 000,028,008 | ---- | C] () -- C:\Windows\SysWow64\SUSUSB.SYS

    ========== LOP Check ==========

    [2010/01/15 21:21:09 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\acccore
    [2010/01/29 00:14:16 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Desktopicon
    [2010/02/08 13:08:38 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Folding@home-x86
    [2010/07/30 14:51:07 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\IBMERS
    [2010/01/15 21:33:03 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\IM
    [2010/01/15 21:07:07 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Leadertech
    [2010/08/13 11:59:32 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\LimeWire
    [2010/03/30 10:10:49 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\mkvtoolnix
    [2010/08/25 19:41:51 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\saltwater
    [2010/04/10 22:53:57 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\SystemRequirementsLab
    [2010/07/31 23:58:13 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\TeamViewer
    [2010/01/15 21:46:15 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\TomTom
    [2010/09/02 12:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\uTorrent
    [2010/01/15 20:55:11 | 000,000,000 | ---D | M] -- C:\Users\Jonathan Wu\AppData\Roaming\Vso
    [2010/08/31 03:48:08 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
    [2010/04/30 12:17:08 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2010/09/01 14:52:43 | 000,046,220 | ---- | M] () -- C:\aaw7boot.log
    [2009/07/13 18:38:58 | 000,383,562 | ---- | M] () -- C:\bootmgr
    [2010/02/03 18:16:17 | 000,000,032 | ---- | M] () -- C:\csb.log
    [2010/09/01 16:47:40 | 2143,936,511 | -HS- | M] () -- C:\hiberfil.sys
    [2010/02/03 18:13:00 | 000,000,086 | ---- | M] () -- C:\Install.log
    [2010/01/15 21:20:32 | 000,000,975 | -H-- | M] () -- C:\IPH.PH
    [2010/04/30 00:34:24 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
    [2010/09/01 16:47:40 | 4290,240,511 | -HS- | M] () -- C:\pagefile.sys
    [2010/02/03 18:10:19 | 000,002,117 | ---- | M] () -- C:\RHDSetup.log

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2009/07/13 22:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/13 22:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/13 22:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/13 22:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >


    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/07/13 18:15:28 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
    [2009/07/13 18:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\user32.dll /md5 >
    [2009/07/13 18:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2009/07/13 18:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2009/07/13 18:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >
    < End of report >
     
  14. ryukensfj


    Extras.txt

    OTL Extras logfile created on: 9/2/2010 1:40:10 PM - Run 1
    OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Jonathan Wu\Desktop
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 74.00% Memory free
    16.00 Gb Paging File | 14.00 Gb Available in Paging File | 87.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 115.69 Gb Total Space | 29.50 Gb Free Space | 25.50% Space Free | Partition Type: NTFS
    Drive D: | 117.19 Gb Total Space | 72.72 Gb Free Space | 62.05% Space Free | Partition Type: NTFS
    Drive E: | 931.50 Gb Total Space | 222.15 Gb Free Space | 23.85% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: WIN7_I7
    Current User Name: Jonathan Wu
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" = 1
    "" =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\iCall\iCall.exe" = C:\Program Files (x86)\iCall\iCall.exe:*:Enabled:iCall -- ()
    "C:\Program Files (x86)\iCall\iCall.exe" = C:\Program Files (x86)\iCall\iCall.exe:*:Enabled:iCall -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
    "{4CE36E6A-300B-427C-BEC7-B261CC13814E}" = iTunes
    "{55C09FC1-D2D8-495A-BD80-D6725F0DCA58}" = Logitech GamePanel Software 3.04.137
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{96F1BA99-300F-4DD5-A26B-788EF63B53B1}" = Logitech Gaming Software 5.08
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{CA4AF936-3312-4AF4-A191-527531490DCD}" = Apple Mobile Device Support
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "EPSON Printer and Utilities" = EPSON Printer Software
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "RealVNC_is1" = VNC Enterprise Edition E4.4.2
    "VNCMirror_is1" = VNC Mirror Driver 1.8.0
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
    "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
    "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
    "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
    "{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}" = NETGEAR WNDA3100v2 wireless USB 2.0 adapter
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
    "{9C411DC9-B8B8-45F3-B688-073BF4B59094}" = Virtual Account Numbers
    "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
    "{AC76BA86-1033-F400-7760-0000003D0002}" = Adobe Acrobat 3D
    "{AFCE4D19-D385-4232-9B0E-809D85A25A10}" = NETGEAR WN111 wireless USB 2.0 adapter
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
    "{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258
    "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "{DE700910-58F7-4D2E-B7E6-3BA2DA1B6806}" = Virtual Account Numbers
    "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
    "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}" = Belkin 54Mbps Wireless Network Adapter
    "{F5F56D88-56A2-4157-BED4-D650634974E3}" = honestech Video Editor
    "{FC98FBE9-E931-494C-8717-497185371033}" = Nero 7 Ultra Edition
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe Acrobat 3D" = Adobe Acrobat 3D 7.1.0
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
    "AIM_7" = AIM 7
    "BitLord" = BitLord 1.1
    "CCleaner" = CCleaner
    "Cheat Engine 5.5_is1" = Cheat Engine 5.5
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "DivX Setup.divx.com" = DivX Setup
    "DVD Ripper Platinum 4" = DVD Ripper Platinum 4
    "HMA! Pro VPN" = HMA! Pro VPN 2.4.1
    "iCall_is1" = iCall
    "InstallShield_{AFCE4D19-D385-4232-9B0E-809D85A25A10}" = NETGEAR WN111 wireless USB 2.0 adapter
    "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
    "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
    "LimeWire" = LimeWire PRO 5.4.8
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MKVtoolnix" = MKVtoolnix 3.2.0
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "mv61xxMRU" = Marvell MRU V4
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
    "PFPortChecker" = PFPortChecker 1.0.32
    "Photomatix Pro_is1" = Photomatix Pro version 2.5
    "Power Mp3 Cutter(Mp3 Sound Cutter)_is1" = Power Mp3 Cutter(Mp3 Sound Cutter) 1.40
    "Precision" = EVGA Precision 1.9.1
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "PunkBusterSvc" = PunkBuster Services
    "PuTTY_is1" = PuTTY version 0.59
    "RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    "SpeedFan" = SpeedFan (remove only)
    "Steam App 10180" = Call of Duty: Modern Warfare 2
    "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
    "stunnel" = stunnel
    "TomTom HOME" = TomTom HOME 2.7.5.2014
    "Unlocker" = Unlocker 1.8.8
    "uTorrent" = µTorrent
    "VLC media player" = VLC media player 1.0.5
    "Winamp" = Winamp
    "winscp3_is1" = WinSCP 4.1.9
    "Yahoo! Messenger" = Yahoo! Messenger

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "UnityWebPlayer" = Unity Web Player
    "Winamp Detect" = Winamp Detector Plug-in

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/27/2010 5:14:11 AM | Computer Name = Win7_i7 | Source = Bonjour Service | ID = 100
    Description = 252: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)

    Error - 8/27/2010 5:14:11 AM | Computer Name = Win7_i7 | Source = Bonjour Service | ID = 100
    Description = 248: ERROR: read_msg errno 10054 (An existing connection was forcibly
    closed by the remote host.)
  15. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Extras.txt continued

    Error - 8/30/2010 5:51:33 PM | Computer Name = Win7_i7 | Source = Application Hang | ID = 1002
    Description = The program VBChickBot.exe version 1.0.0.0 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 14e0 Start
    Time: 01cb488b9bd57695 Termination Time: 10 Application Path: C:\Users\Jonathan Wu\Desktop\VBChickBotV8.2\VBChickBot.exe

    Report
    Id: beede2e3-b480-11df-8bb7-6cf04902f6e9

    Error - 8/30/2010 9:56:32 PM | Computer Name = Win7_i7 | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 8/30/2010 9:57:15 PM | Computer Name = Win7_i7 | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 8/30/2010 9:59:28 PM | Computer Name = Win7_i7 | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 8/30/2010 10:00:09 PM | Computer Name = Win7_i7 | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 8/31/2010 4:48:34 PM | Computer Name = Win7_i7 | Source = System Restore | ID = 8193
    Description =

    Error - 9/1/2010 8:10:13 PM | Computer Name = Win7_i7 | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\program files (x86)\spybot
    - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
    files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
    attribute "language" in element "assemblyIdentity" is invalid.

    Error - 9/2/2010 7:15:37 AM | Computer Name = Win7_i7 | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\program files (x86)\spybot
    - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
    files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
    attribute "language" in element "assemblyIdentity" is invalid.

    [ System Events ]
    Error - 7/13/2010 4:23:35 AM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR2.

    Error - 7/13/2010 4:30:14 AM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR4.

    Error - 7/13/2010 3:45:30 PM | Computer Name = Win7_i7 | Source = Server | ID = 2505
    Description = The server could not bind to the transport \Device\NetBT_Tcpip_{F97DC581-2B55-44E1-A7BA-C8FAC05ECD20}
    because another computer on the network has the same name. The server could not
    start.

    Error - 7/13/2010 3:46:03 PM | Computer Name = Win7_i7 | Source = Server | ID = 2505
    Description = The server could not bind to the transport \Device\NetBT_Tcpip_{F97DC581-2B55-44E1-A7BA-C8FAC05ECD20}
    because another computer on the network has the same name. The server could not
    start.

    Error - 7/21/2010 3:39:27 PM | Computer Name = Win7_i7 | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 12:37:33 PM on ?7/?21/?2010 was unexpected.

    Error - 7/22/2010 5:33:14 PM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR4.

    Error - 7/22/2010 5:33:14 PM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR4.

    Error - 7/22/2010 5:33:15 PM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR4.

    Error - 7/22/2010 5:33:15 PM | Computer Name = Win7_i7 | Source = Disk | ID = 262155
    Description = The driver detected a controller error on \Device\Harddisk2\DR4.

    Error - 7/26/2010 2:00:14 AM | Computer Name = Win7_i7 | Source = DCOM | ID = 10010
    Description =


    < End of report >
  16. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Wow, those are some very long logs... Thanks for taking a look at these and helping me out, Broni!
  17. Broni

    Broni Malware Annihilator Posts: 45,208   +243

    Sure thing :)

    Check a couple of things for me....

    Close Firefox. Go to Start>All Programs>Mozilla Firefox, click on Mozilla Firefox (safe mode). Same thing?

    Restart in Safe Mode with Networking and see if you have the same issue there.

    When done, restart in normal mode and.....

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O4 - HKCU..\Run: [EPSON Stylus CX8400 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICEA.EXE File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab...i_4.1.71.0.cab (Reg Error: Key error.)
      O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
      O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
      O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll File not found
      O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
      O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
      O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O33 - MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\Shell - "" = AutoRun
      O33 - MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\Shell\AutoRun\command - "" = H:\HPLauncher.exe -- File not found
      O33 - MountPoints2\H\Shell - "" = AutoRun
      O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\StartClickFreeBackup.exe -- File not found
      O33 - MountPoints2\I\Shell - "" = AutoRun
      O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\StartClickFreeBackup.exe -- File not found
      O33 - MountPoints2\J\Shell - "" = AutoRun
      O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\StartClickFreeBackup.exe -- File not found
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      
      
      :Services
      
      :Reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
      "DisableMonitoring" =-
      "" =-
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.


    Any better?
  18. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Oh, I'm sorry, what do you mean by same thing with Firefox safe mode? BTW, is my system clean, other than the Firefox issue? It might be a compatibility issue with drivers, other programs, or plugins...

    BTW, Firefox is working fine atm but it will sometimes freeze up. Did the first OTL scan fix anything?

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" =- Will that affect the security on kaspersky? Disable monitoring sounds bad, lol
  19. Broni

    Broni Malware Annihilator Posts: 45,208   +243

    I want you to check if FF will still freeze if you run it for a while in FF Safe Mode.

    We're still checking....

    We're removing the registry key, which was set to NOT monitor Kaspersky.
  20. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    FF has been running normally since this morning... Did the first OTL do anything other than just scan and produce logs?
  21. Broni

    Broni Malware Annihilator Posts: 45,208   +243

    OTL is just a scanner. It doesn't fix anything. Unless you ran my script already.
  22. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Yeah I ran the script just now and here is the log...

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON Stylus CX8400 Series deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
    Starting removal of ActiveX control {140E4DF8-9E14-4A34-9577-C77561ED7883}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{140E4DF8-9E14-4A34-9577-C77561ED7883}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140E4DF8-9E14-4A34-9577-C77561ED7883}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{140E4DF8-9E14-4A34-9577-C77561ED7883}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140E4DF8-9E14-4A34-9577-C77561ED7883}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
    File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
    File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll acaptuser32.dll deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
    File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn\ deleted successfully.
    c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll moved successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3de56e3a-3093-11df-ab03-6cf04902f6e9}\ not found.
    File H:\HPLauncher.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
    File H:\StartClickFreeBackup.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ not found.
    File I:\StartClickFreeBackup.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
    File J:\StartClickFreeBackup.exe not found.
    C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
    C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\DisableMonitoring deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\ deleted successfully.
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Jonathan Wu
    ->Temp folder emptied: 59401568 bytes
    ->Temporary Internet Files folder emptied: 327974 bytes
    ->Java cache emptied: 32677783 bytes
    ->FireFox cache emptied: 89740995 bytes
    ->Google Chrome cache emptied: 95974953 bytes
    ->Flash cache emptied: 18012 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 142388927 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
    RecycleBin emptied: 2051966567 bytes

    Total Files Cleaned = 2,358.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Jonathan Wu
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.11.0 log created on 09022010_151149

    Files\Folders moved on Reboot...
    File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
    C:\Users\Jonathan Wu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    Registry entries deleted on Reboot...
  23. Broni

    Broni Malware Annihilator Posts: 45,208   +243

    OK, we'll finalize cleaning process and we'll go from there....

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • IMPORTANT! UN-check Remove found threats
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Push Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  24. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    Security Check

    Results of screen317's Security Check version 0.99.5
    Windows 7 (UAC is disabled!)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Disabled!
    Kaspersky Internet Security 2010
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 21
    Adobe Flash Player 10.0.32.18
    Mozilla Firefox (3.6.8)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Kaspersky Lab Kaspersky Internet Security 2010 avp.exe
    ````````````````````````````````
    DNS Vulnerability Check:

    Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

    ``````````End of Log````````````
  25. ryukensfj

    ryukensfj Newcomer, in training Topic Starter Posts: 42

    I'm trying to do the ESET scanner but there is no box for "IMPORTANT! UN-check Remove found threats". Should I just continue?