Solved IE keeps locking up and pop-ups


keel5

Posts: 9   +0
Hi, I'm new here and need some help. I found this site from a Google search. My problem is that ever since I installed then removed a piece of software called podmaxx, my IE8 keeps locking up every other time I start it. Now, just recently I started to get ad pop-ups, and some sounds that I have disabled are sounding again. I have tried some malware programs with no luck.

Now I have followed the 8 step instructions to post it here and see if I can get some help. Thanks in advance.

Malwarebytes log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5193

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/26/2010 12:40:43 PM
mbam-log-2010-11-26 (12-40-43).txt

Scan type: Quick scan
Objects scanned: 155256
Time elapsed: 5 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
____________________________________________________

The GMER log was empty
______________________________________________________

DDS logs:


DDS (Ver_10-11-26.01) - NTFS_AMD64
Run by Bobby at 13:10:48.72 on Fri 11/26/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8183.6429 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\McAfee\Anti-Theft\McPvTray.exe
C:\Program Files (x86)\ClipMate7\ClipMate.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\mfevtps.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\SysWOW64\java.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\fxssvc.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\Users\Bobby\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Bobby\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aolnews.com/
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: eBay Toolbar Helper: {22d8e815-4a5e-4dfb-845e-aab64207f5bd} - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTB.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101122065509.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: eBay Toolbar: {92085ad4-f48a-450d-bd93-b28cc7df67ce} - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTB.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ClipMate7] C:\Program Files (x86)\ClipMate7\ClipMate.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Bobby\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
mRun: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOOGLE~1.LNK - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: eBay Search - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101122065509.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {61539ECD-CC67-4437-A03C-9AACCBD14326} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [Linksys Wireless Manager] "C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe

============= SERVICES / DRIVERS ===============

R0 DRVECDB;DRVECDB;C:\Windows\System32\drivers\DRVECDB.SYS [2010-1-7 122776]
R0 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2009-11-17 72296]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-10-13 529128]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-7 52856]
R0 tdrpman251;Acronis Try&Decide and Restore Points filter (build 251);C:\Windows\System32\drivers\tdrpm251.sys [2010-1-10 1455648]
R1 DLARTL_E;DLARTL_E;C:\Windows\System32\drivers\DLARTL_E.SYS [2010-1-7 39288]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-11-22 75032]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-11-22 283360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2010-11-25 2806000]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-11-24 203264]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-1-17 90112]
R2 DLABMFSE;DLABMFSE;C:\Windows\System32\DLA\DLABMFSE.SYS [2010-1-7 44152]
R2 DLABOIOE;DLABOIOE;C:\Windows\System32\DLA\DLABOIOE.SYS [2010-1-7 41976]
R2 DLADResE;DLADResE;C:\Windows\System32\DLA\DLADResE.SYS [2010-1-7 10360]
R2 DLAIFS_E;DLAIFS_E;C:\Windows\System32\DLA\DLAIFS_E.SYS [2010-1-7 141432]
R2 DLAOPIOE;DLAOPIOE;C:\Windows\System32\DLA\DLAOPIOE.SYS [2010-1-7 33656]
R2 DLAPoolE;DLAPoolE;C:\Windows\System32\DLA\DLAPoolE.SYS [2010-1-7 18040]
R2 DLAUDF_E;DLAUDF_E;C:\Windows\System32\DLA\DLAUDF_E.SYS [2010-1-7 143096]
R2 DLAUDFAE;DLAUDFAE;C:\Windows\System32\DLA\DLAUDFAE.SYS [2010-1-7 136952]
R2 DRVEDDM;DRVEDDM;C:\Windows\System32\drivers\DRVEDDM.SYS [2010-1-7 63608]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2010-11-17 137256]
R2 LinksysUpdater;Linksys Updater;C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-11-13 204800]
R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-11-22 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-11-22 355440]
R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-11-22 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-11-22 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-11-22 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2010-11-22 149032]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2008-6-24 605464]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2010-11-25 84752]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-8-4 7451648]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-8-4 268288]
R3 CAXHWBS2;CAXHWBS2;C:\Windows\System32\drivers\CAXHWBS2.sys [2009-6-30 411136]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-11-22 62800]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2010-7-7 1612888]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-11-22 190136]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-11-22 441328]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-6-19 712704]
S1 DLACDBHE;DLACDBHE;C:\Windows\System32\drivers\DLACDBHE.SYS [2010-1-7 15992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-6 135664]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-1-14 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-1-14 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2010-1-14 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\System32\drivers\HCW85BDA.sys [2009-6-10 1192448]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-11-22 94864]
S3 mferkdk;McAfee Inc. mferkdk;C:\Windows\System32\drivers\mferkdk.sys [2010-1-6 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;C:\Windows\System32\drivers\mfesmfk.sys [2010-1-6 49480]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-9-17 1250816]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-24 1255736]

=============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2010-11-26 02:11:51 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2010-11-26 00:59:26 -------- d-----w- C:\Users\Bobby\AppData\Roaming\Malwarebytes
2010-11-26 00:59:19 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-26 00:59:18 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-26 00:59:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-26 00:59:18 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-11-22 11:55:14 -------- d-----w- C:\Program Files (x86)\McAfee.com
2010-11-22 11:55:08 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2010-11-22 11:54:54 283360 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2010-11-22 11:54:53 94864 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2010-11-22 11:54:53 75032 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2010-11-22 11:54:53 62800 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2010-11-22 11:54:53 441328 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2010-11-22 11:54:53 190136 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2010-11-22 11:54:51 -------- d-----w- C:\Program Files\Common Files\McAfee
2010-11-22 11:54:50 -------- d-----w- C:\Program Files\McAfee.com
2010-11-22 11:52:45 149032 ----a-w- C:\Windows\System32\mfevtps.exe
2010-11-22 11:26:48 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2010-11-22 11:26:06 -------- d-----w- C:\_AcroTemp
2010-11-17 20:23:37 137256 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2010-11-16 21:39:53 -------- d-----w- C:\Program Files\iTunes
2010-11-16 21:39:53 -------- d-----w- C:\Program Files\iPod
2010-11-12 22:46:42 -------- d-----w- C:\Users\Bobby\AppData\Local\Diagnostics
2010-11-06 16:50:28 288256 ----a-w- C:\Windows\System32\MSNP.ax
2010-11-06 16:50:28 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-11-06 16:50:28 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-11-06 12:23:37 8006480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{0F3D6550-E2A4-42EB-9D53-4EC92E6C9E50}\mpengine.dll
2010-11-06 12:23:36 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-11-06 12:11:03 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2010-11-06 12:06:30 -------- d-----w- C:\PROGRA~3\PC Tools
2010-11-05 23:28:57 -------- d-----w- C:\Windows\SysWow64\InstallShield Installation Information
2010-11-05 23:06:41 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-11-04 21:11:30 511328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\CAPICOM\CAPICOM.DLL
2010-11-04 20:37:58 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2a1b7c641cb7c6016\InstallManager_WLE_WLE.exe
2010-11-04 20:37:55 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\28ccd76e1cb7c6015\DSETUP.dll
2010-11-04 20:37:55 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\28ccd76e1cb7c6015\DXSETUP.exe
2010-11-04 20:37:54 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\27ffc06d1cb7c6014\DSETUP.dll
2010-11-04 20:37:31 -------- d-----w- C:\Users\Bobby\AppData\Local\Windows Live
2010-11-04 20:34:37 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-11-04 20:34:37 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-11-04 20:34:37 552960 ----a-w- C:\Windows\System32\msdri.dll
2010-11-04 20:34:37 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2010-11-02 21:57:13 -------- d-----w- C:\Users\Bobby\AppData\Local\IsolatedStorage
2010-11-02 21:56:05 -------- d-----w- C:\Users\Bobby\AppData\Roaming\Bling Software
2010-11-02 21:55:42 -------- d-----w- C:\Program Files (x86)\Podmaxx09
2010-11-02 21:55:39 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5

==================== Find3M ====================

2010-10-14 23:33:48 80 --sh--r- C:\Windows\SysWow64\5984AA01EE.dll
2010-10-14 03:28:54 529128 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2010-10-14 03:28:54 121248 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2010-09-28 20:44:52 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2010-09-28 20:44:52 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 15:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

============= FINISH: 13:11:35.00 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-26.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/6/2010 4:15:12 PM
System Uptime: 11/26/2010 12:32:40 PM (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | P7P55D
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | LGA1156 | 2801/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 931 GiB total, 530.56 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 351 GiB total, 101.336 GiB free.
G: is FIXED (NTFS) - 100 GiB total, 91.625 GiB free.
H: is FIXED (FAT32) - 14 GiB total, 6.632 GiB free.
K: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_83A31043&REV_03\4&61613AC&0&00E7
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_83A31043&REV_03\4&61613AC&0&00E7
Service: RTL8167

==== System Restore Points ===================

RP172: 11/6/2010 8:23:02 AM - Windows Update
RP174: 11/6/2010 12:23:53 PM - Windows Defender Checkpoint
RP175: 11/6/2010 12:50:35 PM - Windows Update
RP176: 11/10/2010 6:32:10 PM - Windows Update
RP177: 11/17/2010 9:54:26 PM - Scheduled Checkpoint
RP178: 11/25/2010 12:09:18 AM - Scheduled Checkpoint

==== Installed Programs ======================

6400_Help
Acronis*True*Image*Home
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.4.1 - CPSID_83708
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 7.0
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0 Templates
AIM 7
AIM Toolbar
AMD DnD V1.0.19
Apple Application Support
Apple Software Update
ATI Catalyst Registration
BlackBerry Desktop Software 5.0.1
bpd_scan
BPDSoftware
BPDSoftware_Ini
Brother P-touch Editor 5.0
BufferChm
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
ClipMate 7
Creative 3DMIDI Player
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative Diagnostics
Creative Media Toolbox 6
Creative Media Toolbox 6 (Shared Components)
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative System Information
Creative WaveStudio 7
DesignPro 5.4 Limited Edition
Destinations
DeviceDiscovery
DivX
DocProc
Dolby Digital Live Pack
Download Updater (AOL LLC)
Emsisoft Anti-Malware 5.0
erLT
Fax
FileOpen Client
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Google Calendar Sync
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Product Detection
HP Update
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
HTC Driver Installer
HTC Sync
ieSpell
Intel(R) Processor ID Utility
Internet Download Manager
J6400
Java(TM) 6 Update 17
Java(TM) 6 Update 3
LimeWire 5.5.16
Linksys EasyLink Advisor
Logitech SetPoint
Malwarebytes' Anti-Malware
MapSend DirectRoute North America
MarketResearch
McAfee Total Protection
McAfee Virtual Technician
Microsoft .NET Framework 1.1
Microsoft Choice Guard
Microsoft Office 2003 Web Components
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Accounting 2007
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Accounting Equifax Addin
Microsoft Office Accounting Fixed Asset Manager
Microsoft Office Accounting PayPal Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Personal Folders Backup
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Setup Support Files (English)
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft Works 6-9 Converter
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenAL
PC Probe II
PCsync
PhotoshopdotcomInspirationBrowser
Platform
PowerDVD
ProductContext
Pure Networks Platform
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Roxio Content 9
Roxio Media Manager
Scan
Security Task Manager 1.7h
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SmartSound Quicktracks for Premiere Elements
SmartWebPrinting
SolSuite 2010 v10.7
SolutionCenter
Sound Blaster X-Fi
SoundFont Bank Manager
Status
System Requirements Lab for Intel
Toolbox
TrayApp
TuneUp Companion 1.9.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
VIA Platform Device Manager
WebEx Support Manager for Internet Explorer
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
WinWay Resume Deluxe
WModem Driver Installer
Xingtone Ringtone Maker
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

11/26/2010 9:13:28 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: FileDisk
11/26/2010 9:12:38 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\FileDisk.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/26/2010 5:45:07 AM, Error: Service Control Manager [7022] - The SQL Server Browser service hung on starting.
11/26/2010 12:33:50 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {E9513610-F218-4DDA-B954-2C7E6BA7CABB} as /. The error: "740" Happened while starting this command: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding
11/26/2010 12:33:42 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
11/26/2010 12:33:42 PM, Error: Service Control Manager [7000] - The tandpl service failed to start due to the following error: This driver has been blocked from loading
11/26/2010 12:33:42 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\tandpl.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/26/2010 12:33:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.
11/26/2010 12:33:08 PM, Error: Service Control Manager [7000] - The enodpl service failed to start due to the following error: This driver has been blocked from loading
11/26/2010 12:33:08 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\enodpl.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/26/2010 12:32:50 PM, Error: Application Popup [876] - Driver DLACDBHE.SYS has been blocked from loading.
11/26/2010 12:28:56 PM, Error: Service Control Manager [7031] - The Emsisoft Anti-Malware 5.0 - Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/26/2010 12:00:38 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer BILLCARDONA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4DB36477-24C5-4C00-B410-D7BDFB849D0B}. The master browser is stopping or an election is being forced.
11/26/2010 1:08:13 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\SYSTEM' was corrupted and it has been recovered. Some data might have been lost.
11/25/2010 8:55:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80002e5d7e7, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112510-24507-01.
11/23/2010 9:44:25 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.102. The computer with the IP address 192.168.1.107 did not allow the name to be claimed by this computer.
11/22/2010 6:46:04 AM, Error: Service Control Manager [7003] - The McAfee Firewall Core Service service depends the following service: mfevtp. This service might not be installed.
11/22/2010 6:46:04 AM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
11/22/2010 6:46:03 AM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
11/22/2010 6:42:07 AM, Error: Service Control Manager [7003] - The McShield service depends the following service: mfevtp. This service might not be installed.
11/22/2010 6:36:01 AM, Error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
11/22/2010 6:33:55 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.

==== End Of File ===========================


Good luck with all that.

I really appreciate any help I get. If you need more let me know.

Bobby
 
Download MBRCheck to your desktop

  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • Enter N to exit.
  • A report called MBRcheckxxxx.txt will be on your desktop.
  • Open this report and post its content in your next reply.

====================================================================

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/


  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
  • Close SUPERAntiSpyware.
Restart computer in Safe Mode.
To enter Safe Mode, restart the computer and keep tapping the F8 key until the menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen.

  • Open SUPERAntiSpyware.
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Post SUPERAntiSpyware log.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000004fc

Kernel Drivers (total 242):

Processes (total 97):
0 System Idle Process
4 System
572 C:\Windows\System32\smss.exe
888 csrss.exe
956 C:\Windows\System32\wininit.exe
972 csrss.exe
140 C:\Windows\System32\winlogon.exe
596 C:\Windows\System32\services.exe
648 C:\Windows\System32\lsass.exe
672 C:\Windows\System32\lsm.exe
908 C:\Windows\System32\svchost.exe
1060 C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
1216 C:\Windows\System32\svchost.exe
1280 C:\Windows\System32\atiesrxx.exe
1360 C:\Windows\System32\svchost.exe
1424 C:\Windows\System32\svchost.exe
1472 C:\Windows\System32\svchost.exe
1580 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
1616 C:\Windows\System32\svchost.exe
1640 C:\Windows\System32\atieclxx.exe
1748 C:\Windows\System32\svchost.exe
1224 C:\Windows\System32\spoolsv.exe
1668 C:\Windows\System32\taskhost.exe
1700 C:\Windows\System32\dwm.exe
2004 C:\Windows\System32\svchost.exe
1496 C:\Windows\explorer.exe
2224 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2308 C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
2568 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2576 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2652 C:\Program Files\McAfee\Anti-Theft\McPvTray.exe
2660 C:\Program Files (x86)\ClipMate7\ClipMate.exe
2668 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2708 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
2716 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
2780 C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager64.exe
2832 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
2108 C:\Windows\SysWOW64\svchost.exe
2564 C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
2788 C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
2680 C:\Windows\System32\mfevtps.exe
2984 C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
2764 C:\Windows\SysWOW64\java.exe
2140 C:\Windows\System32\svchost.exe
2348 C:\Windows\System32\conhost.exe
3128 C:\Windows\System32\svchost.exe
3188 C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
3280 C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
3320 C:\Program Files\Logitech\SetPoint\SetPoint.exe
3568 C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
3648 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
3656 C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
3680 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
3704 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
3720 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
3736 C:\Program Files (x86)\iTunes\iTunesHelper.exe
3744 C:\Program Files\McAfee.com\Agent\mcagent.exe
3852 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3480 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
4408 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
4444 C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
4484 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
4528 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
4572 C:\Windows\System32\svchost.exe
4668 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
4832 C:\Windows\System32\FXSSVC.exe
5012 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
5084 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
4324 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
4456 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
4960 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
5248 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
5380 C:\Program Files\iPod\bin\iPodService.exe
5500 C:\Windows\System32\SearchIndexer.exe
5840 C:\Windows\System32\svchost.exe
6008 C:\Windows\System32\svchost.exe
6028 WUDFHost.exe
6208 C:\Windows\System32\svchost.exe
7092 C:\Windows\System32\svchost.exe
6744 dllhost.exe
2584 C:\Program Files\Common Files\McAfee\Core\mchost.exe
5456 C:\Program Files\Common Files\McAfee\Core\mchost.exe
324 C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTBDaemon.exe
1628 C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
7444 C:\Windows\System32\audiodg.exe
7324 WmiPrvSE.exe
2360 C:\Windows\System32\SearchProtocolHost.exe
7912 C:\Windows\System32\SearchFilterHost.exe
7756 C:\Windows\System32\msiexec.exe
7652 C:\Windows\SysWOW64\msiexec.exe
1920 C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
7952 C:\Users\Bobby\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe
3688 dllhost.exe
4988 dllhost.exe
8184 C:\Users\Bobby\Desktop\MBRCheck.exe
7376 C:\Windows\System32\conhost.exe
8048 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000003`86166000 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x0000005b`543e9000 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (FAT32)

PhysicalDrive0 Model Number:
PhysicalDrive1 Model Number: ST3500418AS, Rev: CC38

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: 1BB72AA843C54C64E74C9F6C9BD22FA2AFA08966
465 GB \\.\PhysicalDrive1 Unknown MBR code
SHA1: 98DFD9F1A89F78E429B3B2BDD871ADDDE473BA50


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
=====================================================

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/26/2010 at 05:23 PM

Application Version : 4.46.1000

Core Rules Database Version : 5918
Trace Rules Database Version: 3730

Scan type : Complete Scan
Total Scan Time : 01:00:51

Memory items scanned : 405
Memory threats detected : 0
Registry items scanned : 16453
Registry threats detected : 0
File items scanned : 177598
File threats detected : 0
 
We have some MBR problem, which needs to be addressed.

Please download NTBR by noahdfear and save it to your Desktop.
File size: 2.44 MB (2,565,432 bytes)

  • Place a blank CD in your CD drive.
  • Double click on NTBR_CD.exe file and a folder of the same name will appear.
  • Open the folder and double click on BurnItCD.cmd file. If your CD drive opens, simply close it again.
  • Follow the prompts to burn the CD.
  • Now you will need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)
  • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
  • Insert the newly created CD into your infected PC and reboot your computer.
  • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
  • Read the warning and then continue as prompted.
  • You first need to select your keyboard layout - press Enter for English.
  • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
  • On the following screen enter 5 to select Install Standard MBR code.
  • Enter 2 to overwrite the infected MBR Code with the Windows 7 MBR code.
  • When asked to confirm please do so.
  • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
  • Eject the disc and then press ctrl+alt+del to reboot the PC.
Once rebooted, run MBRCheck again and post its log.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x000004fc

Kernel Drivers (total 243):

Processes (total 96):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000003`86166000 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x0000005b`543e9000 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (FAT32)

PhysicalDrive0 Model Number:
PhysicalDrive1 Model Number: ST3500418AS, Rev: CC38

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
465 GB \\.\PhysicalDrive1 Unknown MBR code
SHA1: 98DFD9F1A89F78E429B3B2BDD871ADDDE473BA50


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
 
Good job :)

How is the computer doing?

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
I have had much time on the computer since the last post. IE8 does seem to be working much better now. I still get pop-ups even with Google Pop-up blocker running. It always worked before. Here are the two logs, I ran them yesterday.

OTL logfile created on: 11/27/2010 9:49:39 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Bobby\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 530.37 Gb Free Space | 56.94% Space Free | Partition Type: NTFS
Drive D: | 4.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 351.22 Gb Total Space | 101.34 Gb Free Space | 28.85% Space Free | Partition Type: NTFS
Drive G: | 100.44 Gb Total Space | 91.62 Gb Free Space | 91.22% Space Free | Partition Type: NTFS
Drive H: | 14.08 Gb Total Space | 6.63 Gb Free Space | 47.10% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: Bobby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/27 09:47:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe
PRC - [2010/11/11 16:46:42 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/10/14 09:09:02 | 002,806,000 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/03/30 14:12:56 | 000,249,856 | R--- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\HTC\HTC Sync\Sync Manager\SyncIndicator.exe
PRC - [2010/02/12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010/02/01 15:59:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\java.exe
PRC - [2010/01/30 08:04:14 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/04/01 23:27:27 | 000,090,112 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/03/19 10:12:38 | 000,632,048 | ---- | M] (eBay Inc.) -- C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTBDaemon.exe
PRC - [2009/01/31 10:00:40 | 003,760,424 | ---- | M] (Thornsoft Development, Inc.) -- C:\Program Files (x86)\ClipMate7\ClipMate.exe
PRC - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/13 14:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/10/24 08:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/10/02 11:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/11/27 09:47:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/10/13 22:28:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/10/13 22:28:54 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/10/13 22:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/08/04 00:51:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/29 12:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/14 09:09:02 | 002,806,000 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/12 09:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/01/14 16:24:44 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/01/14 16:20:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2010/01/14 15:56:57 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/01/07 21:41:31 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/19 12:11:50 | 000,828,936 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/09/23 21:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/04/01 23:27:27 | 000,090,112 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008/12/12 18:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/13 14:43:49 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/06/24 19:57:28 | 000,605,464 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\tandpl.sys -- (tandpl)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\enodpl.sys -- (enodpl)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\EIO64.sys -- (EIO64)
DRV:64bit: - [2010/11/17 13:07:00 | 000,137,256 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/10/13 22:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/10/13 22:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/10/13 22:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/04 01:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/08/04 01:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/04 00:15:46 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/07 13:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2010/07/07 13:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/07/07 13:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/07/07 13:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/07/07 13:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/07/07 13:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/07/07 13:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010/07/07 13:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/07/07 13:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/07/07 13:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/07/07 13:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/07/07 13:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/07/07 13:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/07/07 13:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/01/10 17:26:13 | 001,455,648 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251)
DRV:64bit: - [2010/01/10 17:26:12 | 000,929,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010/01/10 17:26:09 | 000,254,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/01/10 17:13:42 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2010/01/07 21:39:28 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/17 11:15:34 | 000,072,296 | ---- | M] (McAfee) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2009/11/04 16:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/11/04 16:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/10/26 15:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/09/30 09:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 19:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/15 22:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:49 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/30 05:05:16 | 001,486,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/06/30 05:01:40 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2009/06/30 04:59:54 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/06/19 07:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 001,192,448 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 08:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/12/12 18:05:18 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2008/12/12 18:05:18 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2008/05/20 17:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/06 13:30:06 | 000,227,328 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcwPP2.sys -- (hcwPP2)
DRV:64bit: - [2006/08/08 09:18:52 | 000,010,360 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLADResE.SYS -- (DLADResE)
DRV:64bit: - [2006/08/08 09:18:42 | 000,136,952 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDFAE.SYS -- (DLAUDFAE)
DRV:64bit: - [2006/08/08 09:18:42 | 000,044,152 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABMFSE.SYS -- (DLABMFSE)
DRV:64bit: - [2006/08/08 09:18:40 | 000,143,096 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDF_E.SYS -- (DLAUDF_E)
DRV:64bit: - [2006/08/08 09:18:38 | 000,033,656 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAOPIOE.SYS -- (DLAOPIOE)
DRV:64bit: - [2006/08/08 09:18:36 | 000,041,976 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABOIOE.SYS -- (DLABOIOE)
DRV:64bit: - [2006/08/08 09:18:36 | 000,018,040 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAPoolE.SYS -- (DLAPoolE)
DRV:64bit: - [2006/08/08 09:18:34 | 000,141,432 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAIFS_E.SYS -- (DLAIFS_E)
DRV:64bit: - [2006/08/01 20:06:26 | 000,039,288 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DLARTL_E.SYS -- (DLARTL_E)
DRV:64bit: - [2006/08/01 20:06:26 | 000,015,992 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\DLACDBHE.SYS -- (DLACDBHE)
DRV:64bit: - [2006/08/01 19:46:36 | 000,063,608 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DRVEDDM.SYS -- (DRVEDDM)
DRV:64bit: - [2006/07/21 11:21:28 | 000,122,776 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DRVECDB.SYS -- (DRVECDB)
DRV:64bit: - [2006/06/19 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010/09/19 07:57:36 | 000,084,752 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2003/04/19 02:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\tandpl.sys -- (tandpl)
DRV - [2003/03/02 19:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\enodpl.sys -- (enodpl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aolnews.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/25 04:48:45 | 000,000,000 | ---D | M]

[2010/03/13 07:22:11 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Mozilla\Extensions
[2010/03/13 07:22:11 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101122065509.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (eBay Toolbar Helper) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101122065509.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (eBay Toolbar) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4:64bit: - HKLM..\Run: [McPvTray] C:\Program Files\McAfee\Anti-Theft\McPvTray.exe (McAfee)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [ClipMate7] C:\Program Files (x86)\ClipMate7\ClipMate.exe (Thornsoft Development, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: eBay Search - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: eBay Search - C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTb.dll (eBay Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://systemrequirementslab.com.s3.amazonaws.com/iduu/bin/srldetect_intel.cab (SysInfo Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 05:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - H:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\Shell - "" = AutoRun
O33 - MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\Shell\AutoRun\command - "" = J:\TL-Bootstrap.exe -- File not found
O33 - MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: wave1 - serwvdrv.dll (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivXNetworks)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivXNetworks)
Drivers32: wave1 - C:\Windows\SysWow64\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/11/27 09:47:43 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe
[2010/11/26 17:50:16 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\NTBR_CD
[2010/11/26 16:14:54 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\SUPERAntiSpyware.com
[2010/11/26 16:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/11/26 16:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/11/26 16:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/11/26 16:05:09 | 009,852,776 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Bobby\Desktop\SUPERAntiSpyware.exe
[2010/11/26 12:27:34 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\logs
[2010/11/26 12:09:48 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Desktop\gmer
[2010/11/26 12:09:06 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Bobby\Desktop\TFC.exe
[2010/11/25 21:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010/11/25 21:11:51 | 000,000,000 | ---D | C] -- C:\Users\Bobby\Documents\Anti-Malware
[2010/11/25 19:59:26 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Malwarebytes
[2010/11/25 19:59:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/25 19:59:18 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/25 19:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/25 19:59:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/22 06:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2010/11/22 06:55:08 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2010/11/22 06:54:54 | 000,283,360 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2010/11/22 06:54:53 | 000,441,328 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2010/11/22 06:54:53 | 000,190,136 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2010/11/22 06:54:53 | 000,094,864 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2010/11/22 06:54:53 | 000,075,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2010/11/22 06:54:53 | 000,062,800 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2010/11/22 06:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/11/22 06:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/11/22 06:52:45 | 000,149,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2010/11/22 06:26:06 | 000,000,000 | ---D | C] -- C:\_AcroTemp
[2010/11/17 15:23:37 | 000,137,256 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2010/11/16 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/16 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/12 17:46:42 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Diagnostics
[2010/11/09 01:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
[2010/11/06 07:11:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2010/11/06 07:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/11/05 18:28:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield Installation Information
[2010/11/04 15:37:31 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\Windows Live
[2010/11/02 16:57:13 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Local\IsolatedStorage
[2010/11/02 16:56:05 | 000,000,000 | ---D | C] -- C:\Users\Bobby\AppData\Roaming\Bling Software
[2010/11/02 16:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Podmaxx09
[2010/11/02 16:55:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2010/07/07 11:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
 

========== Files - Modified Within 30 Days ==========

[2010/11/27 09:51:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/27 09:47:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe
[2010/11/27 09:42:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1883524782-1493650506-1266417903-1000UA.job
[2010/11/27 04:56:15 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/27 04:42:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1883524782-1493650506-1266417903-1000Core.job
[2010/11/26 18:09:11 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/26 18:09:11 | 000,013,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/26 18:06:29 | 000,809,480 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/26 18:06:29 | 000,682,542 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/26 18:06:29 | 000,128,930 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/26 18:01:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/26 18:01:07 | 2140,418,047 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/26 17:53:55 | 000,063,336 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/11/26 17:53:55 | 000,063,336 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/11/26 17:53:55 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
[2010/11/26 17:48:08 | 002,565,432 | ---- | M] () -- C:\Users\Bobby\Desktop\NTBR_CD.exe
[2010/11/26 16:14:51 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/11/26 16:07:58 | 000,080,384 | ---- | M] () -- C:\Users\Bobby\Desktop\MBRCheck.exe
[2010/11/26 16:05:09 | 009,852,776 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Bobby\Desktop\SUPERAntiSpyware.exe
[2010/11/26 16:00:11 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\vtscheduletask.job
[2010/11/26 12:11:59 | 000,625,272 | ---- | M] () -- C:\Users\Bobby\Desktop\dds.scr
[2010/11/26 12:09:07 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\TFC.exe
[2010/11/26 05:45:57 | 034,012,895 | ---- | M] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-26_0545.ZIP
[2010/11/25 21:12:02 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/25 19:59:21 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/25 11:02:11 | 000,008,624 | ---- | M] () -- C:\Users\Bobby\Desktop\Resume2.rsm
[2010/11/23 13:07:53 | 000,644,528 | ---- | M] () -- C:\Users\Bobby\AppData\Local\rx_image.Cache
[2010/11/23 13:07:53 | 000,411,060 | ---- | M] () -- C:\Users\Bobby\AppData\Local\rx_audio.Cache
[2010/11/17 13:07:00 | 000,137,256 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2010/11/16 16:40:10 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/06 07:11:36 | 001,233,614 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/11/06 03:42:30 | 000,002,400 | ---- | M] () -- C:\Users\Bobby\Desktop\Google Chrome.lnk
[2010/11/05 20:11:42 | 033,943,711 | ---- | M] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-05_2111.ZIP
[2010/11/05 17:21:46 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/11/04 21:14:40 | 033,943,711 | ---- | M] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-04_2214.ZIP
[2010/11/01 12:38:38 | 033,943,713 | ---- | M] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-01_1338.ZIP

========== Files Created - No Company Name ==========

[2010/11/26 17:48:05 | 002,565,432 | ---- | C] () -- C:\Users\Bobby\Desktop\NTBR_CD.exe
[2010/11/26 16:14:51 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/11/26 15:59:00 | 000,080,384 | ---- | C] () -- C:\Users\Bobby\Desktop\MBRCheck.exe
[2010/11/26 12:11:59 | 000,625,272 | ---- | C] () -- C:\Users\Bobby\Desktop\dds.scr
[2010/11/26 05:45:47 | 034,012,895 | ---- | C] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-26_0545.ZIP
[2010/11/25 21:12:02 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2010/11/25 19:59:21 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/23 16:22:56 | 000,008,624 | ---- | C] () -- C:\Users\Bobby\Desktop\Resume2.rsm
[2010/11/22 06:43:59 | 000,000,414 | ---- | C] () -- C:\Windows\tasks\vtscheduletask.job
[2010/11/16 16:40:10 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/06 07:11:23 | 001,233,614 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/11/05 20:11:34 | 033,943,711 | ---- | C] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-05_2111.ZIP
[2010/11/05 17:18:59 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/11/04 21:14:31 | 033,943,711 | ---- | C] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-04_2214.ZIP
[2010/11/01 12:38:30 | 033,943,713 | ---- | C] () -- C:\Users\Bobby\Documents\ClipMate7_DB_My Clips_2010-11-01_1338.ZIP
[2010/10/14 18:02:10 | 000,000,080 | RHS- | C] () -- C:\Windows\SysWow64\5984AA01EE.dll
[2010/09/04 14:30:49 | 000,000,005 | ---- | C] () -- C:\ProgramData\DragToDiscUserNameD.txt
[2010/07/22 21:01:48 | 000,000,286 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\wklnhst.dat
[2010/07/17 03:42:37 | 000,644,528 | ---- | C] () -- C:\Users\Bobby\AppData\Local\rx_image.Cache
[2010/07/17 03:42:36 | 000,411,060 | ---- | C] () -- C:\Users\Bobby\AppData\Local\rx_audio.Cache
[2010/07/07 12:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/07/07 11:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010/01/17 08:28:13 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/01/17 08:28:13 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/01/14 15:56:03 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/01/14 15:56:03 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/01/10 20:30:05 | 000,033,134 | ---- | C] () -- C:\Users\Bobby\AppData\Roaming\UserTile.png
[2010/01/10 17:59:20 | 000,007,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\enodpl.sys
[2010/01/10 17:59:20 | 000,004,736 | ---- | C] () -- C:\Windows\SysWow64\drivers\tandpl.sys
[2010/01/10 12:44:07 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\HCWxds.dll
[2010/01/09 11:31:07 | 000,007,596 | ---- | C] () -- C:\Users\Bobby\AppData\Local\Resmon.ResmonCfg
[2010/01/08 22:06:14 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2010/01/07 20:41:03 | 000,056,056 | ---- | C] () -- C:\Windows\SysWow64\DLAAPI_W.DLL
[2010/01/07 20:41:03 | 000,000,132 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/07 20:33:50 | 000,747,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/06 19:56:49 | 000,002,326 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/01/06 18:08:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/01/06 16:24:44 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/01/06 16:24:39 | 000,022,227 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/07/14 01:14:16 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/26 12:12:38 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009/04/02 07:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008/08/26 14:26:24 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\pt243F.DLL
[2006/08/15 14:54:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\px.ini
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\SysWow64\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\ssleay32.dll
[2005/07/15 13:35:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

========== LOP Check ==========

[2010/01/10 15:22:49 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\acccore
[2010/08/01 08:57:22 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Blackberry Desktop
[2010/11/02 16:56:05 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Bling Software
[2010/11/22 06:01:49 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\DMCache
[2010/01/08 22:18:22 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\eBay
[2010/01/28 22:06:37 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\FileOpen
[2010/11/18 15:14:51 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\IDM
[2010/01/16 14:27:51 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\ieSpell
[2010/10/14 18:03:42 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Individual Software
[2010/02/06 13:17:45 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\iolo
[2010/01/06 20:28:50 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Laplink
[2010/01/10 14:13:03 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Leadertech
[2010/10/16 13:06:31 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\LimeWire
[2010/01/24 13:53:47 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Research In Motion
[2010/01/16 08:34:39 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Smart Recorder
[2010/11/18 13:47:46 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\SolSuite
[2010/08/04 16:17:25 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Teleca
[2010/07/22 21:01:50 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Template
[2010/01/08 21:28:54 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\Thornsoft Development
[2010/07/10 13:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\tidysongs15.27F6A35B76E5883BF9E6FEE514586561E60595CA.1
[2010/11/21 13:53:10 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\TuneUpMedia
[2010/10/23 12:18:16 | 000,000,000 | ---D | M] -- C:\Users\Bobby\AppData\Roaming\WinWay
[2010/11/09 17:38:29 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/26 16:00:11 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\vtscheduletask.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/01/10 12:58:14 | 000,000,102 | ---- | M] () -- C:\hcwclear.txt
[2010/11/26 18:01:07 | 2140,418,047 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/10 15:22:03 | 000,000,348 | -H-- | M] () -- C:\IPH.PH
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/11/26 18:01:11 | 4285,550,591 | -HS- | M] () -- C:\pagefile.sys
[2010/01/10 17:11:05 | 000,029,512 | ---- | M] () -- C:\WindowsSerifastd-black.otf
[2010/01/10 17:11:05 | 000,027,772 | ---- | M] () -- C:\WindowsSerifastd-bold.otf
[2010/01/10 17:11:05 | 000,028,252 | ---- | M] () -- C:\WindowsSerifastd-italic.otf
[2010/01/10 17:11:05 | 000,027,440 | ---- | M] () -- C:\WindowsSerifastd-light.otf
[2010/01/10 17:11:05 | 000,028,260 | ---- | M] () -- C:\WindowsSerifastd-lightitalic.otf
[2010/01/10 17:11:05 | 000,027,452 | ---- | M] () -- C:\WindowsSerifastd-roman.otf
[2010/01/31 14:24:13 | 000,000,030 | ---- | M] () -- C:\wizard.txt

< %systemroot%\Fonts\*.com >
[2009/07/14 00:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 15:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/01/06 16:51:17 | 000,000,221 | -HS- | M] () -- C:\Users\Bobby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/11/26 16:07:58 | 000,080,384 | ---- | M] () -- C:\Users\Bobby\Desktop\MBRCheck.exe
[2010/11/26 17:48:08 | 002,565,432 | ---- | M] () -- C:\Users\Bobby\Desktop\NTBR_CD.exe
[2010/11/27 09:47:45 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\OTL.exe
[2010/11/26 16:05:09 | 009,852,776 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Bobby\Desktop\SUPERAntiSpyware.exe
[2010/11/26 12:09:07 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bobby\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 16:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/01/06 18:45:34 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/01/06 18:45:34 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/01/06 18:39:33 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/01/06 18:39:33 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/02 18:55:48 | 000,000,402 | -HS- | M] () -- C:\Users\Bobby\Favorites\desktop.ini
[2010/11/16 17:38:50 | 000,001,914 | ---- | M] () -- C:\Users\Bobby\Favorites\eBay

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/09/04 14:32:32 | 000,000,005 | ---- | M] () -- C:\ProgramData\DragToDiscUserNameD.txt
[2010/02/25 04:49:02 | 000,002,326 | ---- | M] () -- C:\ProgramData\hpzinstall.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:40F038C5
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:B0D4D817
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >


=================================================================
 
My last two posts needed to be approved. They were very long logs and needed to be broken up into a few posts.

I think I posted the logs in a mixed up order so when they show up I will delete them and try again.
 
OTL Extras logfile created on: 11/27/2010 9:49:39 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Bobby\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 530.37 Gb Free Space | 56.94% Space Free | Partition Type: NTFS
Drive D: | 4.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 351.22 Gb Total Space | 101.34 Gb Free Space | 28.85% Space Free | Partition Type: NTFS
Drive G: | 100.44 Gb Total Space | 91.62 Gb Free Space | 91.22% Space Free | Partition Type: NTFS
Drive H: | 14.08 Gb Total Space | 6.63 Gb Free Space | 47.10% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: Bobby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{21185083-5C3F-45E1-A52F-1279E0724967}" = iTunes
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{27BAA191-CEB0-4F17-95FA-B44DD128375E}" = MobileMe Control Panel
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{624880EA-7610-47B6-B4A6-40DD83DB1AB4}" = McAfee Anti-Theft
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{8AB2AC00-AFFF-4043-83D9-0086528B337F}" = HP OfficeJet J6400
"{8DA5428C-3D35-317C-2FBA-485AAC49E9C0}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}" = ATI Catalyst Install Manager
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_MODEM_PCI_HSF" = PCI SoftV92 Modem
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Linksys Wireless Manager" = Linksys Wireless Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0BDE949A-3CF5-3852-B4F7-92EAE4F25F73}" = CCC Help English
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1" = ClipMate 7
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{353D20CC-719B-4A60-AD33-D03F88C10330}" = Microsoft Office Accounting PayPal Addin
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45350494-82B7-3E53-85B7-79A1AD9AE080}" = Catalyst Control Center Graphics Light
"{46614A49-222A-48EF-87A9-BFD603E608E1}" = Microsoft Office Accounting Fixed Asset Manager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{525E7F71-67C1-806E-69D0-892CC3CE2F8E}" = Catalyst Control Center Graphics Full Existing
"{537306C2-CDAC-F606-5D46-D5727F58FAD3}" = Catalyst Control Center Graphics Previews Vista
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400
"{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin
"{625304B0-2976-473B-AD81-5CA376093F03}" = Xingtone Ringtone Maker
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6809408A-56A8-4863-A7E9-3723FF8C24A4}" = BPDSoftware_Ini
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77663A9E-EDA4-4873-907D-6315E6D0462A}" = 6400_Help
"{787F2DC2-1699-44FA-A72F-9107166AF9CC}" = Roxio Content 9
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84DDA651-FA15-4DF2-8AE8-E98FA329B1CD}" = System Requirements Lab for Intel
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}" = FileOpen Client
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{88DDBE5E-8AC0-F463-AC50-E56FAA2E3CEB}" = Catalyst Control Center Graphics Previews Common
"{897B3B21-8691-26F5-97E8-A9955C20BB20}" = Catalyst Control Center HydraVision Full
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C711818-076E-475C-B95B-DF11CD9D8DBE}" = Microsoft Office Accounting Equifax Addin
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{970704F5-579F-4430-A6A8-B562561B4D3D}" = WinWay Resume Deluxe
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A842C34B-2083-6947-BC0E-5654BDBADCDA}" = Catalyst Control Center Graphics Full New
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B0717D5A-1976-482B-9ADF-F19631A541A4}" = Microsoft Office Accounting 2007
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BA3B34EB-3F4B-0E19-0916-971C1AD3F0AD}" = Catalyst Control Center InstallProxy
"{BC4174D1-7970-40E6-AC57-F095F961FB08}" = HTC Sync
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB166F48-6219-2DFD-8800-191BE6F5923A}" = ccc-core-static
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{D1E0E859-F46D-4708-A41D-ED90C0C1822A}" = Acronis*True*Image*Home
"{D50AD12E-4EDC-48D4-992C-A74B2FBE05B3}" = PCsync
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E0B71631-6AA8-C596-A485-8480E92DD745}" = Catalyst Control Center Core Implementation
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F979ACC9-A874-457A-9BE1-7FD2085F126F}" = MapSend DirectRoute North America
"{FA30FFD4-8DF3-4B29-9C2C-EE30584CD795}" = bpd_scan
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"3DMIDI" = Creative 3DMIDI Player
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diagnostics 4_5" = Creative Diagnostics
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0
"Google Calendar Sync" = Google Calendar Sync
"HTC_WModemDriver" = WModem Driver Installer
"ieSpell" = ieSpell
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"Internet Download Manager" = Internet Download Manager
"LimeWire" = LimeWire 5.5.16
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Virtual Technician" = McAfee Virtual Technician
"Microsoft Office Accounting 2007" = Microsoft Office Accounting 2007
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSC" = McAfee Total Protection
"OpenAL" = OpenAL
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"PROR" = Microsoft Office Professional 2007
"Security Task Manager" = Security Task Manager 1.7h
"SFBM" = SoundFont Bank Manager
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SolSuite_is1" = SolSuite 2010 v10.7
"SysInfo" = Creative System Information
"TuneUpMedia" = TuneUp Companion 1.9.0
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"WaveStudio 7" = Creative WaveStudio 7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/26/2010 6:38:50 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 6:39:41 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:03:04 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:04:00 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:14:53 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:15:43 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:26:36 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/26/2010 7:27:27 PM | Computer Name = DeskTop | Source = MsiInstaller | ID = 11706
Description =

Error - 11/27/2010 1:39:32 AM | Computer Name = DeskTop | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 11/27/2010 1:40:45 AM | Computer Name = DeskTop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

[ Media Center Events ]
Error - 1/28/2010 4:49:12 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:49:12 AM - Error connecting to the internet. 3:49:12 AM - Unable
to contact server..

Error - 2/2/2010 4:49:33 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:49:33 AM - Error connecting to the internet. 3:49:33 AM - Unable
to contact server..

Error - 2/7/2010 4:46:18 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:46:17 AM - Error connecting to the internet. 3:46:17 AM - Unable
to contact server..

Error - 2/12/2010 4:55:44 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:55:44 AM - Error connecting to the internet. 3:55:44 AM - Unable
to contact server..

Error - 2/17/2010 4:29:20 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:29:19 AM - Error connecting to the internet. 3:29:19 AM - Unable
to contact server..

Error - 2/22/2010 4:17:07 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:17:06 AM - Error connecting to the internet. 3:17:06 AM - Unable
to contact server..

Error - 3/4/2010 4:10:41 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:10:41 AM - Error connecting to the internet. 3:10:41 AM - Unable
to contact server..

Error - 3/4/2010 5:11:23 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 4:11:23 AM - Error connecting to the internet. 4:11:23 AM - Unable
to contact server..

Error - 3/4/2010 6:12:06 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 5:12:06 AM - Error connecting to the internet. 5:12:06 AM - Unable
to contact server..

Error - 3/9/2010 4:42:09 AM | Computer Name = DeskTop | Source = MCUpdate | ID = 0
Description = 3:42:09 AM - Error connecting to the internet. 3:42:09 AM - Unable
to contact server..

[ OSession Events ]
Error - 2/4/2010 10:20:50 PM | Computer Name = DeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 470
seconds with 180 seconds of active time. This session ended with a crash.

Error - 11/4/2010 6:52:54 PM | Computer Name = DeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/26/2010 6:25:59 PM | Computer Name = DeskTop | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - 11/26/2010 6:26:07 PM | Computer Name = DeskTop | Source = DCOM | ID = 10001
Description =

Error - 11/26/2010 7:01:04 PM | Computer Name = DeskTop | Source = Application Popup | ID = 876
Description = Driver DLACDBHE.SYS has been blocked from loading.

Error - 11/26/2010 7:01:18 PM | Computer Name = DeskTop | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\enodpl.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 11/26/2010 7:01:18 PM | Computer Name = DeskTop | Source = Service Control Manager | ID = 7000
Description = The enodpl service failed to start due to the following error: %%1275

Error - 11/26/2010 7:02:00 PM | Computer Name = DeskTop | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 9 service to connect.

Error - 11/26/2010 7:02:01 PM | Computer Name = DeskTop | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\tandpl.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 11/26/2010 7:02:01 PM | Computer Name = DeskTop | Source = Service Control Manager | ID = 7000
Description = The tandpl service failed to start due to the following error: %%1275

Error - 11/26/2010 7:02:01 PM | Computer Name = DeskTop | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - 11/26/2010 7:02:10 PM | Computer Name = DeskTop | Source = DCOM | ID = 10001
Description =


< End of report >
 
Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

========================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O4 - HKLM..\Run: [] File not found
    O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (Reg Error: Key error.)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab (Reg Error: Key error.)
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O33 - MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\Shell - "" = AutoRun
    O33 - MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\Shell\AutoRun\command - "" = J:\TL-Bootstrap.exe -- File not found
    O33 - MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
    @Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:40F038C5
    @Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:B0D4D817
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

======================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.


2. Download Temp File Cleaner (TFC)
  • Double-click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart your computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce a log.
 
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Starting removal of ActiveX control {73ECB3AA-4717-450C-A2AB-D00DAD9EE203}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Starting removal of ActiveX control {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Starting removal of ActiveX control {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
C:\ProgramData\webex\ieatgpc.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{605e086b-b6e1-11df-ae49-002618fe6f85}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{605e086b-b6e1-11df-ae49-002618fe6f85}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{605e086b-b6e1-11df-ae49-002618fe6f85}\ not found.
File J:\TL-Bootstrap.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8939119e-fb1c-11de-a8fd-806e6f6e6963}\ not found.
File J:\LaunchU3.exe not found.
ADS C:\ProgramData\TEMP:40F038C5 deleted successfully.
ADS C:\ProgramData\TEMP:B0D4D817 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bobby
->Temp folder emptied: 5358750 bytes
->Temporary Internet Files folder emptied: 70778497 bytes
->Java cache emptied: 74699 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 3753 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78943 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 689536 bytes

Total Files Cleaned = 73.00 mb


[EMPTYFLASH]

User: All Users

User: Bobby
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11282010_212945

Files\Folders moved on Reboot...
C:\Users\Bobby\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\mcafee_p60W7FA6Caee2ZN not found!

Registry entries deleted on Reboot...


=================================================================

Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee Total Protection
McAfee Virtual Technician
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
TuneUp Companion 1.9.0
Java(TM) 6 Update 22
Java(TM) 6 Update 3
Out of date Java installed!
Adobe Flash Player 10.0.45.2
````````````````````````````````
Process Check:
objlist.exe by Laurent

mcafee VIRUSS~1 mcvsshld.exe
mcafee VIRUSS~1 mcvsmap.exe
Emsisoft Anti-Malware a2service.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````


=============================================================

No ESET log.
 
I still can see some old Java installed.
Make sure to run JavaRa to remove them.

Other than that....

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to ensure the safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. Please let me know how your computer is doing.
 
Here's the last log you asked for. I did run JavaRa twice. I checked with the Java link you posted and it says I have the latest version. I ran security check again and it still says I have out of date Java.

The computer is running great at this point.

Thank You so much for all your help.

Lastly, could you tell me what you found on my computer? Was it an infection or just some corrupt files?


All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bobby
->Temp folder emptied: 5481437 bytes
->Temporary Internet Files folder emptied: 58415182 bytes
->Java cache emptied: 2027 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2371 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 145184 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29582 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 302 bytes

Total Files Cleaned = 61.00 mb


[EMPTYFLASH]

User: All Users

User: Bobby
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.17.3 log created on 11302010_184837

Files\Folders moved on Reboot...
C:\Users\Bobby\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Bobby\AppData\Local\Temp\~DF4FAA4A3258EBE455.TMP not found!
File\Folder C:\Users\Bobby\AppData\Local\Temp\~DF5906DA547B4B0E22.TMP not found!
File\Folder C:\Users\Bobby\AppData\Local\Temp\~DFD86C79255CD64D15.TMP not found!
File\Folder C:\Users\Bobby\AppData\Local\Temp\~DFF600C1F01DED80D2.TMP not found!
C:\Users\Bobby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YMJ5GE45\topic157228[1].html moved successfully.
C:\Users\Bobby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AHEOILMJ\crosspixel-dest[1].htm moved successfully.
C:\Users\Bobby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AHEOILMJ\sh28[1].html moved successfully.
File\Folder C:\Windows\temp\mcafee_FcfqtKkXvn6DlvE not found!

Registry entries deleted on Reboot...
 
I ran security check again and it still says I have out of date Java.
NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.
You're fine :)

I'm glad to hear good news :)

We found a possibly infected MBR (this is a serious issue, which we fixed) and we cleaned some garbage.

Good luck and stay safe :)
 