Solved Message "Hard drive clusters are partly damaged" Virus?

[Broni]

How is computer doing?

Download TDSSKiller and save it to your desktop.

• Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[candygirl]

My computer is doing...

Ok, I guess. It's taking a little longer to start up once I put my password in. I keep getting an error message that I believe is linked to my printer? (hp error pops up then an alert saying that HP imaging has encountered a problem and needs to close). Internet is slightly slower.

How does it look? What's the verdict so far?

 

[candygirl]

TDSS report

22:23:27.0095 4488 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
22:23:28.0075 4488 ============================================================
22:23:28.0075 4488 Current date / time: 2011/10/31 22:23:28.0075
22:23:28.0076 4488 SystemInfo:
22:23:28.0076 4488
22:23:28.0076 4488 OS Version: 6.0.6001 ServicePack: 1.0
22:23:28.0076 4488 Product type: Workstation
22:23:28.0077 4488 ComputerName: PIMPONE
22:23:28.0078 4488 UserName: Vianca
22:23:28.0078 4488 Windows directory: C:\Windows
22:23:28.0078 4488 System windows directory: C:\Windows
22:23:28.0078 4488 Running under WOW64
22:23:28.0078 4488 Processor architecture: Intel x64
22:23:28.0078 4488 Number of processors: 2
22:23:28.0078 4488 Page size: 0x1000
22:23:28.0078 4488 Boot type: Normal boot
22:23:28.0078 4488 ============================================================
22:23:29.0370 4488 Initialize success
22:23:43.0506 2864 ============================================================
22:23:43.0506 2864 Scan started
22:23:43.0506 2864 Mode: Manual;
22:23:43.0506 2864 ============================================================
22:23:44.0161 2864 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys
22:23:44.0173 2864 Accelerometer - ok
22:23:44.0217 2864 ACPI (8c99ed256a889d647935a97c543b7b85) C:\Windows\system32\drivers\acpi.sys
22:23:44.0222 2864 ACPI - ok
22:23:44.0266 2864 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
22:23:44.0298 2864 adp94xx - ok
22:23:44.0341 2864 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
22:23:44.0380 2864 adpahci - ok
22:23:44.0397 2864 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
22:23:44.0418 2864 adpu160m - ok
22:23:44.0441 2864 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
22:23:44.0468 2864 adpu320 - ok
22:23:44.0578 2864 AFD (9bb97042fa331a0fb4bdd98b9280a50a) C:\Windows\system32\drivers\afd.sys
22:23:44.0628 2864 AFD - ok
22:23:44.0721 2864 AgereSoftModem (3627a62b10284ffbf862bfd49928edf4) C:\Windows\system32\DRIVERS\agrsm64.sys
22:23:44.0835 2864 AgereSoftModem - ok
22:23:44.0905 2864 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
22:23:44.0931 2864 agp440 - ok
22:23:44.0968 2864 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
22:23:44.0984 2864 aic78xx - ok
22:23:45.0030 2864 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
22:23:45.0042 2864 aliide - ok
22:23:45.0058 2864 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
22:23:45.0068 2864 amdide - ok
22:23:45.0085 2864 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
22:23:45.0101 2864 AmdK8 - ok
22:23:45.0205 2864 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
22:23:45.0222 2864 arc - ok
22:23:45.0246 2864 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
22:23:45.0266 2864 arcsas - ok
22:23:45.0306 2864 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
22:23:45.0315 2864 AsyncMac - ok
22:23:45.0344 2864 atapi (aca311fac841a06e4a7ef9a0f1c195f8) C:\Windows\system32\drivers\atapi.sys
22:23:45.0345 2864 atapi - ok
22:23:45.0415 2864 athr (19f0adc93e97c4d41afe40407bf61ca8) C:\Windows\system32\DRIVERS\athrx.sys
22:23:45.0487 2864 athr - ok
22:23:45.0763 2864 atikmdag (a4379447148ee55330768cc491ee999e) C:\Windows\system32\DRIVERS\atikmdag.sys
22:23:45.0985 2864 atikmdag - ok
22:23:46.0084 2864 AtiPcie (db0d3de15edc96e7529fc0d3f7760894) C:\Windows\system32\DRIVERS\AtiPcie.sys
22:23:46.0095 2864 AtiPcie - ok
22:23:46.0177 2864 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
22:23:46.0194 2864 avgntflt - ok
22:23:46.0219 2864 avipbb (d959309ececca73fc79f8ef8521346b2) C:\Windows\system32\DRIVERS\avipbb.sys
22:23:46.0237 2864 avipbb - ok
22:23:46.0265 2864 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
22:23:46.0280 2864 avkmgr - ok
22:23:46.0314 2864 Beep - ok
22:23:46.0393 2864 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
22:23:46.0406 2864 blbdrive - ok
22:23:46.0499 2864 bowser (f0f035fcec3554cc1b70c5611bd87951) C:\Windows\system32\DRIVERS\bowser.sys
22:23:46.0516 2864 bowser - ok
22:23:46.0560 2864 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
22:23:46.0569 2864 BrFiltLo - ok
22:23:46.0587 2864 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
22:23:46.0596 2864 BrFiltUp - ok
22:23:46.0636 2864 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
22:23:46.0669 2864 Brserid - ok
22:23:46.0826 2864 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
22:23:46.0877 2864 BrSerWdm - ok
22:23:46.0891 2864 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
22:23:46.0904 2864 BrUsbMdm - ok
22:23:46.0937 2864 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
22:23:46.0948 2864 BrUsbSer - ok
22:23:46.0990 2864 BthEnum (471ff09330a53177bbe9fd6ddf8a8259) C:\Windows\system32\DRIVERS\BthEnum.sys
22:23:46.0999 2864 BthEnum - ok
22:23:47.0033 2864 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
22:23:47.0047 2864 BTHMODEM - ok
22:23:47.0087 2864 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
22:23:47.0102 2864 BthPan - ok
22:23:47.0179 2864 BTHPORT (7d104f22c04a76f0d2f96f789ac07fcb) C:\Windows\system32\Drivers\BTHport.sys
22:23:47.0243 2864 BTHPORT - ok
22:23:47.0284 2864 BTHUSB (d9324f0c142267961ce900bfc3798bb1) C:\Windows\system32\Drivers\BTHUSB.sys
22:23:47.0297 2864 BTHUSB - ok
22:23:47.0309 2864 catchme - ok
22:23:47.0366 2864 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
22:23:47.0378 2864 cdfs - ok
22:23:47.0402 2864 cdrom (3b2fb35363423ed60c8fbf15fc8680bd) C:\Windows\system32\DRIVERS\cdrom.sys
22:23:47.0415 2864 cdrom - ok
22:23:47.0446 2864 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
22:23:47.0459 2864 circlass - ok
22:23:47.0503 2864 CLFS (c12c4ee07843b595036da0baa6317936) C:\Windows\system32\CLFS.sys
22:23:47.0538 2864 CLFS - ok
22:23:47.0591 2864 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
22:23:47.0599 2864 CmBatt - ok
22:23:47.0623 2864 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
22:23:47.0633 2864 cmdide - ok
22:23:47.0663 2864 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
22:23:47.0674 2864 Compbatt - ok
22:23:47.0697 2864 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
22:23:47.0708 2864 crcdisk - ok
22:23:47.0790 2864 DfsC (3725c43c9e90731eca651d506cc599a3) C:\Windows\system32\Drivers\dfsc.sys
22:23:47.0792 2864 DfsC - ok
22:23:47.0870 2864 disk (2dc415fc05fb8a079f896cbbacb19324) C:\Windows\system32\drivers\disk.sys
22:23:47.0871 2864 disk - ok
22:23:47.0912 2864 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
22:23:47.0925 2864 Dot4 - ok
22:23:47.0957 2864 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:23:47.0964 2864 Dot4Print - ok
22:23:47.0981 2864 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
22:23:47.0991 2864 dot4usb - ok
22:23:48.0053 2864 drmkaud (97dc2a789c1be458976507846a1a8ced) C:\Windows\system32\drivers\drmkaud.sys
22:23:48.0059 2864 drmkaud - ok
22:23:48.0118 2864 DXGKrnl (412964040ce920ff83aff6b5b551bf99) C:\Windows\System32\drivers\dxgkrnl.sys
22:23:48.0131 2864 DXGKrnl - ok
22:23:48.0180 2864 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
22:23:48.0196 2864 E1G60 - ok
22:23:48.0243 2864 Ecache (7343d950a34a95dcb7441642e3e6beef) C:\Windows\system32\drivers\ecache.sys
22:23:48.0246 2864 Ecache - ok
22:23:48.0304 2864 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
22:23:48.0351 2864 elxstor - ok
22:23:48.0416 2864 enecir (3a70dc8951b995c73a22b9a23210833e) C:\Windows\system32\DRIVERS\enecir.sys
22:23:48.0432 2864 enecir - ok
22:23:48.0467 2864 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
22:23:48.0478 2864 ErrDev - ok
22:23:48.0532 2864 exfat (2a546b9a84658b0554b1ec35cd9adaf5) C:\Windows\system32\drivers\exfat.sys
22:23:48.0554 2864 exfat - ok
22:23:48.0590 2864 fastfat (fe731d345ed9eeabbc72a59b35941834) C:\Windows\system32\drivers\fastfat.sys
22:23:48.0624 2864 fastfat - ok
22:23:48.0666 2864 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
22:23:48.0676 2864 fdc - ok
22:23:48.0723 2864 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
22:23:48.0742 2864 FileInfo - ok
22:23:48.0768 2864 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
22:23:48.0770 2864 Filetrace - ok
22:23:48.0799 2864 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:23:48.0810 2864 flpydisk - ok
22:23:48.0849 2864 FltMgr (7dacf1a3a4219575070c6dc7c957428a) C:\Windows\system32\drivers\fltmgr.sys
22:23:48.0855 2864 FltMgr - ok
22:23:48.0879 2864 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
22:23:48.0890 2864 Fs_Rec - ok
22:23:48.0916 2864 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
22:23:48.0930 2864 gagp30kx - ok
22:23:48.0980 2864 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:23:48.0990 2864 GEARAspiWDM - ok
22:23:49.0065 2864 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
22:23:49.0098 2864 HdAudAddService - ok
22:23:49.0120 2864 HDAudBus (0c0d0f8a3ff09ecc81963d09ec6a0a84) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:23:49.0121 2864 HDAudBus - ok
22:23:49.0142 2864 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
22:23:49.0153 2864 HidBth - ok
22:23:49.0186 2864 HidIr (1d4e03e5c5ba4c3679c38cb6b4c60d5f) C:\Windows\system32\DRIVERS\hidir.sys
22:23:49.0195 2864 HidIr - ok
22:23:49.0229 2864 HidUsb (59a7b5e13356c20d67983868242167c5) C:\Windows\system32\DRIVERS\hidusb.sys
22:23:49.0237 2864 HidUsb - ok
22:23:49.0282 2864 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
22:23:49.0295 2864 HpCISSs - ok
22:23:49.0344 2864 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys
22:23:49.0353 2864 hpdskflt - ok
22:23:49.0388 2864 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
22:23:49.0396 2864 HpqKbFiltr - ok
22:23:49.0461 2864 HTTP (e690736da6c543f5d99c8fa27bea31db) C:\Windows\system32\drivers\HTTP.sys
22:23:49.0525 2864 HTTP - ok
22:23:49.0552 2864 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
22:23:49.0564 2864 i2omp - ok
22:23:49.0604 2864 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
22:23:49.0616 2864 i8042prt - ok
22:23:49.0638 2864 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
22:23:49.0660 2864 iaStorV - ok
22:23:49.0687 2864 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
22:23:49.0698 2864 iirsp - ok
22:23:49.0737 2864 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
22:23:49.0747 2864 intelide - ok
22:23:49.0776 2864 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
22:23:49.0790 2864 intelppm - ok
22:23:49.0834 2864 IpFilterDriver (99b821f5bebd6a3cc3fe564f802ae0fd) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:23:49.0837 2864 IpFilterDriver - ok
22:23:49.0865 2864 IpInIp - ok
22:23:49.0897 2864 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
22:23:49.0913 2864 IPMIDRV - ok
22:23:49.0928 2864 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
22:23:49.0942 2864 IPNAT - ok
22:23:49.0984 2864 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
22:23:49.0992 2864 IRENUM - ok
22:23:50.0016 2864 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
22:23:50.0027 2864 isapnp - ok
22:23:50.0050 2864 iScsiPrt (49e4ccbf74783fce5d2cc1ff6480e1f4) C:\Windows\system32\DRIVERS\msiscsi.sys
22:23:50.0054 2864 iScsiPrt - ok
22:23:50.0079 2864 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
22:23:50.0091 2864 iteatapi - ok
22:23:50.0107 2864 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
22:23:50.0118 2864 iteraid - ok
22:23:50.0157 2864 JMCR (15371306d1adbbf35e475c8da516a956) C:\Windows\system32\DRIVERS\jmcr.sys
22:23:50.0174 2864 JMCR - ok
22:23:50.0188 2864 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
22:23:50.0200 2864 kbdclass - ok
22:23:50.0226 2864 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:23:50.0233 2864 kbdhid - ok
22:23:50.0313 2864 KSecDD (ccdcce6224e1e207e953af826b98a9d9) C:\Windows\system32\Drivers\ksecdd.sys
22:23:50.0362 2864 KSecDD - ok
22:23:50.0386 2864 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
22:23:50.0397 2864 ksthunk - ok
22:23:50.0476 2864 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
22:23:50.0488 2864 lltdio - ok
22:23:50.0549 2864 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
22:23:50.0566 2864 LSI_FC - ok
22:23:50.0589 2864 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
22:23:50.0604 2864 LSI_SAS - ok
22:23:50.0626 2864 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
22:23:50.0642 2864 LSI_SCSI - ok
22:23:50.0658 2864 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
22:23:50.0673 2864 luafv - ok
22:23:50.0695 2864 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
22:23:50.0706 2864 megasas - ok
22:23:50.0741 2864 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
22:23:50.0777 2864 MegaSR - ok
22:23:50.0805 2864 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
22:23:50.0814 2864 Modem - ok
22:23:50.0846 2864 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
22:23:50.0848 2864 monitor - ok
22:23:50.0873 2864 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
22:23:50.0883 2864 mouclass - ok
22:23:50.0912 2864 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
22:23:50.0920 2864 mouhid - ok
22:23:50.0938 2864 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
22:23:50.0954 2864 MountMgr - ok
22:23:50.0973 2864 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
22:23:50.0994 2864 mpio - ok
22:23:51.0016 2864 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
22:23:51.0028 2864 mpsdrv - ok
22:23:51.0051 2864 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
22:23:51.0065 2864 Mraid35x - ok
22:23:51.0090 2864 MRxDAV (fe2706c15f8345c342820e4e4583fea0) C:\Windows\system32\drivers\mrxdav.sys
22:23:51.0107 2864 MRxDAV - ok
22:23:51.0149 2864 mrxsmb (b698eb9acc7ecd4927d99d268918f912) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:23:51.0166 2864 mrxsmb - ok
22:23:51.0196 2864 mrxsmb10 (9a797e27fd28500ee13d43000c931435) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:23:51.0229 2864 mrxsmb10 - ok
22:23:51.0244 2864 mrxsmb20 (f9425d610712533107a264e2d5b2154b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:23:51.0247 2864 mrxsmb20 - ok
22:23:51.0281 2864 msahci (9ac2055e4f5d8eb3c2ba6bd17aaf7719) C:\Windows\system32\drivers\msahci.sys
22:23:51.0292 2864 msahci - ok
22:23:51.0312 2864 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
22:23:51.0314 2864 msdsm - ok
22:23:51.0355 2864 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
22:23:51.0364 2864 Msfs - ok
22:23:51.0396 2864 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
22:23:51.0405 2864 msisadrv - ok
22:23:51.0446 2864 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
22:23:51.0453 2864 MSKSSRV - ok
22:23:51.0488 2864 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
22:23:51.0495 2864 MSPCLOCK - ok
22:23:51.0517 2864 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
22:23:51.0526 2864 MSPQM - ok
22:23:51.0556 2864 MsRPC (b8e32e6103fbba9fbb1d0c11ff0d13b5) C:\Windows\system32\drivers\MsRPC.sys
22:23:51.0590 2864 MsRPC - ok
22:23:51.0616 2864 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
22:23:51.0618 2864 mssmbios - ok
22:23:51.0645 2864 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
22:23:51.0651 2864 MSTEE - ok
22:23:51.0679 2864 Mup (ddf133501f68d6988a0f55dfa88637b4) C:\Windows\system32\Drivers\mup.sys
22:23:51.0693 2864 Mup - ok
22:23:51.0758 2864 NativeWifiP (73b99c98fa3a2ed1566e02d6fe1913a5) C:\Windows\system32\DRIVERS\nwifi.sys
22:23:51.0775 2864 NativeWifiP - ok
22:23:51.0819 2864 NDIS (2a2ee457af36c5c9a6808c768bd3a12b) C:\Windows\system32\drivers\ndis.sys
22:23:51.0830 2864 NDIS - ok
22:23:51.0855 2864 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
22:23:51.0864 2864 NdisTapi - ok
22:23:51.0889 2864 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
22:23:51.0901 2864 Ndisuio - ok
22:23:51.0932 2864 NdisWan (52e3e8e35101399be9b2938c992aa087) C:\Windows\system32\DRIVERS\ndiswan.sys
22:23:51.0956 2864 NdisWan - ok
22:23:51.0970 2864 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
22:23:51.0984 2864 NDProxy - ok
22:23:52.0025 2864 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
22:23:52.0035 2864 NetBIOS - ok
22:23:52.0063 2864 netbt (7a29ca243a629230799754162d80120f) C:\Windows\system32\DRIVERS\netbt.sys
22:23:52.0098 2864 netbt - ok
22:23:52.0234 2864 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
22:23:52.0395 2864 NETw3v64 - ok
22:23:52.0456 2864 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
22:23:52.0469 2864 nfrd960 - ok
22:23:52.0507 2864 Npfs (b06154e2a2c91e9be5599fca53bc4cd0) C:\Windows\system32\drivers\Npfs.sys
22:23:52.0518 2864 Npfs - ok
22:23:52.0565 2864 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
22:23:52.0574 2864 nsiproxy - ok
22:23:52.0645 2864 Ntfs (fe86ba5ac3b50e2ca911e9c60c07b638) C:\Windows\system32\drivers\Ntfs.sys
22:23:52.0734 2864 Ntfs - ok
22:23:52.0753 2864 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
22:23:52.0762 2864 Null - ok
22:23:52.0778 2864 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
22:23:52.0795 2864 nvraid - ok
22:23:52.0809 2864 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
22:23:52.0822 2864 nvstor - ok
22:23:52.0866 2864 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
22:23:52.0884 2864 nv_agp - ok
22:23:52.0896 2864 NwlnkFlt - ok
22:23:52.0916 2864 NwlnkFwd - ok
22:23:52.0963 2864 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
22:23:52.0979 2864 ohci1394 - ok
22:23:53.0026 2864 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
22:23:53.0040 2864 Parport - ok
22:23:53.0059 2864 partmgr (5ab40c36894f4c06bdab0c9a2fba282d) C:\Windows\system32\drivers\partmgr.sys
22:23:53.0075 2864 partmgr - ok
22:23:53.0099 2864 pci (2a5b2a51559066ea84742909b5b2cd69) C:\Windows\system32\drivers\pci.sys
22:23:53.0124 2864 pci - ok
22:23:53.0169 2864 pciide (2c548d4e90bfc26fefdd5dbfc7a93e1e) C:\Windows\system32\drivers\pciide.sys
22:23:53.0180 2864 pciide - ok
22:23:53.0208 2864 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
22:23:53.0241 2864 pcmcia - ok
22:23:53.0285 2864 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
22:23:53.0343 2864 PEAUTH - ok
22:23:53.0486 2864 PptpMiniport (f5739f2c6db2534c384ad5150808e8f5) C:\Windows\system32\DRIVERS\raspptp.sys
22:23:53.0500 2864 PptpMiniport - ok
22:23:53.0519 2864 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
22:23:53.0521 2864 Processor - ok
22:23:53.0577 2864 PSched (0e0e205a296095fe4c631e6a4775ad6c) C:\Windows\system32\DRIVERS\pacer.sys
22:23:53.0591 2864 PSched - ok
22:23:53.0651 2864 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
22:23:53.0728 2864 ql2300 - ok
22:23:53.0751 2864 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
22:23:53.0780 2864 ql40xx - ok
22:23:53.0814 2864 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
22:23:53.0827 2864 QWAVEdrv - ok
22:23:53.0858 2864 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
22:23:53.0865 2864 RasAcd - ok
22:23:53.0901 2864 Rasl2tp (3b9085f91ef00abd15a6f36570e90e12) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:23:53.0916 2864 Rasl2tp - ok
22:23:53.0950 2864 RasPppoe (2ce1703c27196094fb6e4c6e439f2c21) C:\Windows\system32\DRIVERS\raspppoe.sys
22:23:53.0962 2864 RasPppoe - ok
22:23:53.0979 2864 RasSstp (fcd04fa67e8b40fa0ad361dd38593942) C:\Windows\system32\DRIVERS\rassstp.sys
22:23:53.0992 2864 RasSstp - ok
22:23:54.0027 2864 rdbss (33fa5b6136d92ee0f53f021c79091300) C:\Windows\system32\DRIVERS\rdbss.sys
22:23:54.0060 2864 rdbss - ok
22:23:54.0074 2864 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:23:54.0082 2864 RDPCDD - ok
22:23:54.0115 2864 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
22:23:54.0150 2864 rdpdr - ok
22:23:54.0174 2864 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
22:23:54.0181 2864 RDPENCDD - ok
22:23:54.0208 2864 RDPWD (7747082f672aa2846235c9cea42e2e72) C:\Windows\system32\drivers\RDPWD.sys
22:23:54.0230 2864 RDPWD - ok
22:23:54.0308 2864 RFCOMM (72c35598ba591abddc37fce7d26fe1c4) C:\Windows\system32\DRIVERS\rfcomm.sys
22:23:54.0323 2864 RFCOMM - ok
22:23:54.0371 2864 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
22:23:54.0384 2864 rspndr - ok
22:23:54.0445 2864 RTL8169 (390482953c63e81bae52f20386394421) C:\Windows\system32\DRIVERS\Rtlh64.sys
22:23:54.0460 2864 RTL8169 - ok
22:23:54.0489 2864 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
22:23:54.0504 2864 sbp2port - ok
22:23:54.0555 2864 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
22:23:54.0570 2864 sdbus - ok
22:23:54.0598 2864 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:23:54.0606 2864 secdrv - ok
22:23:54.0634 2864 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
22:23:54.0642 2864 Serenum - ok
22:23:54.0663 2864 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
22:23:54.0677 2864 Serial - ok
22:23:54.0693 2864 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
22:23:54.0705 2864 sermouse - ok
22:23:54.0746 2864 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
22:23:54.0754 2864 sffdisk - ok
22:23:54.0793 2864 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
22:23:54.0802 2864 sffp_mmc - ok
22:23:54.0816 2864 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
22:23:54.0823 2864 sffp_sd - ok
22:23:54.0839 2864 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
22:23:54.0851 2864 sfloppy - ok
22:23:54.0891 2864 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
22:23:54.0904 2864 SiSRaid2 - ok
22:23:54.0920 2864 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
22:23:54.0935 2864 SiSRaid4 - ok
22:23:54.0989 2864 Smb (41eb2e8e005feedcafce301983eff932) C:\Windows\system32\DRIVERS\smb.sys
22:23:55.0002 2864 Smb - ok
22:23:55.0038 2864 spldr (f9cb0672162f7f04248e2b82c1ff4617) C:\Windows\system32\drivers\spldr.sys
22:23:55.0049 2864 spldr - ok
22:23:55.0106 2864 srv (a8abd7d0d907b45cf3831f4dd8644349) C:\Windows\system32\DRIVERS\srv.sys
22:23:55.0153 2864 srv - ok
22:23:55.0193 2864 srv2 (6c72eea39e1c37b436a6d1532999f9ec) C:\Windows\system32\DRIVERS\srv2.sys
22:23:55.0210 2864 srv2 - ok
22:23:55.0257 2864 srvnet (7f69bcf9e6fa3d93c82ee6b87812666d) C:\Windows\system32\DRIVERS\srvnet.sys
22:23:55.0282 2864 srvnet - ok
22:23:55.0370 2864 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
22:23:55.0418 2864 STHDA - ok
22:23:55.0469 2864 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
22:23:55.0479 2864 StillCam - ok
22:23:55.0523 2864 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
22:23:55.0536 2864 swenum - ok
22:23:55.0565 2864 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
22:23:55.0578 2864 Symc8xx - ok
22:23:55.0598 2864 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
22:23:55.0609 2864 Sym_hi - ok
22:23:55.0637 2864 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
22:23:55.0648 2864 Sym_u3 - ok
22:23:55.0698 2864 SynTP (b432c6063d4c621241c2b6e05ca0c3e3) C:\Windows\system32\DRIVERS\SynTP.sys
22:23:55.0715 2864 SynTP - ok
22:23:55.0808 2864 Tcpip (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\drivers\tcpip.sys
22:23:55.0903 2864 Tcpip - ok
22:23:55.0968 2864 Tcpip6 (7d86275fb640011b372fd566c0eafa8d) C:\Windows\system32\DRIVERS\tcpip.sys
22:23:55.0999 2864 Tcpip6 - ok
22:23:56.0030 2864 tcpipreg (c29d4b3b08ad0b7e8564814e4ff6a57b) C:\Windows\system32\drivers\tcpipreg.sys
22:23:56.0042 2864 tcpipreg - ok
22:23:56.0071 2864 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
22:23:56.0083 2864 TDPIPE - ok
22:23:56.0103 2864 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
22:23:56.0112 2864 TDTCP - ok
22:23:56.0155 2864 tdx (8c39c72e0e853de04748c0337d9b9216) C:\Windows\system32\DRIVERS\tdx.sys
22:23:56.0178 2864 tdx - ok
22:23:56.0209 2864 TermDD (3f0ebf6ee609f2a276c0d5faf244ec90) C:\Windows\system32\DRIVERS\termdd.sys
22:23:56.0222 2864 TermDD - ok
22:23:56.0279 2864 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:23:56.0292 2864 tssecsrv - ok
22:23:56.0320 2864 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
22:23:56.0328 2864 tunmp - ok
22:23:56.0355 2864 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
22:23:56.0364 2864 tunnel - ok
22:23:56.0403 2864 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
22:23:56.0419 2864 uagp35 - ok
22:23:56.0466 2864 udfs (eca6629e33f122afff18a2ab7c3eb033) C:\Windows\system32\DRIVERS\udfs.sys
22:23:56.0499 2864 udfs - ok
22:23:56.0558 2864 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
22:23:56.0573 2864 uliagpkx - ok
22:23:56.0611 2864 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
22:23:56.0644 2864 uliahci - ok
22:23:56.0663 2864 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
22:23:56.0683 2864 UlSata - ok
22:23:56.0704 2864 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
22:23:56.0722 2864 ulsata2 - ok
22:23:56.0744 2864 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
22:23:56.0757 2864 umbus - ok
22:23:56.0808 2864 USBAAPL64 (9e58997a211c8c9ac9e6cffa53614a73) C:\Windows\system32\Drivers\usbaapl64.sys
22:23:56.0820 2864 USBAAPL64 - ok
22:23:56.0877 2864 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
22:23:56.0891 2864 usbccgp - ok
22:23:56.0920 2864 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
22:23:56.0941 2864 usbcir - ok
22:23:56.0973 2864 usbehci (da6d8d8ed0a53c63ac6f4bd40fe83fbe) C:\Windows\system32\DRIVERS\usbehci.sys
22:23:56.0985 2864 usbehci - ok
22:23:57.0014 2864 usbfilter (8fec71666aba7114f9cab9e56065ec80) C:\Windows\system32\DRIVERS\usbfilter.sys
22:23:57.0023 2864 usbfilter - ok
22:23:57.0054 2864 usbhub (99045369ae3216216573d0775fd7ed56) C:\Windows\system32\DRIVERS\usbhub.sys
22:23:57.0087 2864 usbhub - ok
22:23:57.0123 2864 usbohci (540b622da0949695c40cdc9d5d497a8b) C:\Windows\system32\DRIVERS\usbohci.sys
22:23:57.0131 2864 usbohci - ok
22:23:57.0187 2864 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
22:23:57.0196 2864 usbprint - ok
22:23:57.0217 2864 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
22:23:57.0228 2864 usbscan - ok
22:23:57.0255 2864 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:23:57.0266 2864 USBSTOR - ok
22:23:57.0296 2864 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
22:23:57.0306 2864 usbuhci - ok
22:23:57.0343 2864 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
22:23:57.0358 2864 usbvideo - ok
22:23:57.0403 2864 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
22:23:57.0413 2864 vga - ok
22:23:57.0432 2864 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
22:23:57.0444 2864 VgaSave - ok
22:23:57.0473 2864 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
22:23:57.0483 2864 viaide - ok
22:23:57.0506 2864 volmgr (793d9b32a1c462c91f6f70358283ac97) C:\Windows\system32\drivers\volmgr.sys
22:23:57.0522 2864 volmgr - ok
22:23:57.0545 2864 volmgrx (5aa217da5dc4ff5b9ac9ab86563b3223) C:\Windows\system32\drivers\volmgrx.sys
22:23:57.0573 2864 volmgrx - ok
22:23:57.0628 2864 volsnap (de4307412d98050239026e56a7dff3c0) C:\Windows\system32\drivers\volsnap.sys
22:23:57.0665 2864 volsnap - ok
22:23:57.0690 2864 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
22:23:57.0708 2864 vsmraid - ok
22:23:57.0750 2864 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
22:23:57.0760 2864 WacomPen - ok
22:23:57.0798 2864 Wanarp (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
22:23:57.0813 2864 Wanarp - ok
22:23:57.0822 2864 Wanarpv6 (aea75207e443c8623c36b8d03596f84f) C:\Windows\system32\DRIVERS\wanarp.sys
22:23:57.0824 2864 Wanarpv6 - ok
22:23:57.0863 2864 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
22:23:57.0874 2864 Wd - ok
22:23:57.0924 2864 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
22:23:57.0982 2864 Wdf01000 - ok
22:23:58.0088 2864 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:23:58.0089 2864 WmiAcpi - ok
22:23:58.0174 2864 WpdUsb (6329d1990db931073b86ab5946d8e317) C:\Windows\system32\DRIVERS\wpdusb.sys
22:23:58.0186 2864 WpdUsb - ok
22:23:58.0214 2864 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
22:23:58.0222 2864 ws2ifsl - ok
22:23:58.0287 2864 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:23:58.0301 2864 WUDFRd - ok
22:23:58.0349 2864 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
22:23:58.0380 2864 yukonx64 - ok
22:23:58.0464 2864 {55662437-DA8C-40c0-AADA-2C816A897A49} (1cacfef9e5dd866c5b79a135ee729e18) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
22:23:58.0470 2864 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
22:23:58.0511 2864 MBR (0x1B8) (5c86adec17b739c437e145e3b3fc2e6d) \Device\Harddisk0\DR0
22:23:58.0526 2864 \Device\Harddisk0\DR0 - ok
22:23:58.0537 2864 Boot (0x1200) (8f87af450ef580830a99c91762730d34) \Device\Harddisk0\DR0\Partition0
22:23:58.0543 2864 \Device\Harddisk0\DR0\Partition0 - ok
22:23:58.0582 2864 Boot (0x1200) (f602c7a43943b4a63483a94ad55557db) \Device\Harddisk0\DR0\Partition1
22:23:58.0584 2864 \Device\Harddisk0\DR0\Partition1 - ok
22:23:58.0585 2864 ============================================================
22:23:58.0585 2864 Scan finished
22:23:58.0585 2864 ============================================================
22:23:58.0616 4184 Detected object count: 0
22:23:58.0616 4184 Actual detected object count: 0

 

[Broni]

All logs look clean now.

We'll keep checking....

Download OTL to your Desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[candygirl]

OTL log (part 1)

OTL logfile created on: 10/31/2011 10:43:19 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vianca\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 69.87% Memory free
7.71 Gb Paging File | 6.27 Gb Available in Paging File | 81.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.71 Gb Total Space | 325.72 Gb Free Space | 72.11% Space Free | Partition Type: NTFS
Drive D: | 14.05 Gb Total Space | 2.13 Gb Free Space | 15.19% Space Free | Partition Type: NTFS

Computer Name: PIMPONE | User Name: Vianca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/31 22:40:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vianca\Desktop\OTL.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/08/03 13:42:04 | 000,804,352 | ---- | M] (Audiovox Electronics Corp.) -- C:\Users\Vianca\Documents\RCA Detective\RCADetective.exe
PRC - [2008/12/02 21:28:22 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


========== Modules (No Company Name) ==========

MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/12/10 10:04:58 | 000,935,424 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/09/26 15:13:54 | 000,279,040 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/09/26 15:13:24 | 000,089,088 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/18 19:25:40 | 000,023,040 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/12/02 21:28:22 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/19 16:56:50 | 000,027,760 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/10/19 16:56:49 | 000,130,760 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/10/19 16:56:49 | 000,097,312 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/12/10 11:31:26 | 004,993,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/11/10 15:26:30 | 000,184,832 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/10/27 20:40:02 | 001,164,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/09/26 15:14:14 | 000,465,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/07/21 06:53:04 | 000,145,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/05/28 20:54:18 | 000,026,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/04/28 01:25:06 | 000,016,400 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2008/03/27 15:10:56 | 000,026,984 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 15:10:14 | 000,040,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/02/29 18:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/24 09:24:24 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/20 22:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel(R)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/18 07:31:30 | 000,320,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/06/18 19:13:12 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2008/11/28 21:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/08/12 17:38:24] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vianca\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/29 17:18:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/29 17:18:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/23 20:42:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/29 17:18:16 | 000,000,000 | ---D | M]

[2011/07/23 20:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vianca\AppData\Roaming\Mozilla\Extensions
[2011/07/23 20:45:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/08 15:14:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/08 15:14:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vianca\AppData\Local\Google\Chrome\Application\13.0.782.220\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Users\Vianca\AppData\Local\Google\Chrome\Application\13.0.782.220\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vianca\AppData\Local\Google\Chrome\Application\13.0.782.220\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/31 21:54:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - Startup: C:\Users\Vianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk = C:\Users\Vianca\Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1BC653EC-F1C4-4804-8B40-C54357C121EB}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9A0B2C0-D36D-4F2A-8206-BA06C7140994}: DhcpNameServer = 68.87.74.166 68.87.68.166
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vianca\Pictures\lil monster.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vianca\Pictures\lil monster.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

[candygirl]

OTL log (part 2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/31 22:40:45 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Vianca\Desktop\OTL.exe
[2011/10/31 22:22:35 | 001,564,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Vianca\Desktop\tdsskiller.exe
[2011/10/31 21:59:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/31 21:56:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/10/31 21:56:51 | 000,000,000 | ---D | C] -- C:\Users\Vianca\AppData\Local\temp
[2011/10/31 21:43:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/31 21:43:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/31 21:43:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/31 21:43:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/31 21:43:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/31 21:25:08 | 004,279,921 | R--- | C] (Swearware) -- C:\Users\Vianca\Desktop\ComboFix.exe
[2011/10/31 07:07:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2011/10/31 07:07:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2011/10/30 16:42:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/10/30 16:37:58 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Vianca\Desktop\aswMBR.exe
[2011/10/30 16:13:03 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Vianca\Desktop\dds.scr
[2011/10/30 15:29:02 | 000,000,000 | ---D | C] -- C:\Users\Vianca\Desktop\Infection
[2011/10/30 15:17:44 | 000,000,000 | ---D | C] -- C:\Users\Vianca\AppData\Roaming\Malwarebytes
[2011/10/30 15:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/30 15:16:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/30 15:16:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/30 15:15:37 | 000,000,000 | ---D | C] -- C:\Users\Vianca\AppData\Roaming\Avira
[2011/10/30 15:13:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Vianca\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/30 15:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/10/30 14:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/10/30 14:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011/10/28 12:53:03 | 000,000,000 | ---D | C] -- C:\Users\Vianca\Desktop\CAPC
[2011/10/07 12:00:08 | 000,000,000 | ---D | C] -- C:\Users\Vianca\Documents\RCA Detective
[2011/10/07 12:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RCA Detective
[2011/10/07 11:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RCA Digital Voice Recorder
[2011/10/07 11:59:54 | 000,000,000 | ---D | C] -- C:\Users\Vianca\Documents\RCA Digital Voice Manager
[1 C:\Users\Vianca\AppData\Local\*.tmp files -> C:\Users\Vianca\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/31 22:40:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vianca\Desktop\OTL.exe
[2011/10/31 22:28:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1188132796-2589654712-3005709553-1000UA.job
[2011/10/31 22:22:40 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Vianca\Desktop\tdsskiller.exe
[2011/10/31 22:11:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/31 22:04:25 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/31 22:04:25 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/31 22:04:24 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/31 21:59:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 21:59:14 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/31 21:59:05 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/31 21:58:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/31 21:58:32 | 4024,258,560 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/31 21:54:11 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/31 21:40:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/10/31 21:25:09 | 004,279,921 | R--- | M] (Swearware) -- C:\Users\Vianca\Desktop\ComboFix.exe
[2011/10/31 17:52:55 | 000,302,592 | ---- | M] () -- C:\Users\Vianca\Desktop\6teqoz3k.exe
[2011/10/31 16:28:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1188132796-2589654712-3005709553-1000Core.job
[2011/10/31 13:13:56 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\WebReg Officejet 6500 E709n Series.job
[2011/10/31 12:00:31 | 000,000,732 | ---- | M] () -- C:\Users\Vianca\AppData\Local\d3d9caps64.dat
[2011/10/31 07:13:38 | 000,397,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/30 18:17:24 | 282,950,735 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/30 16:38:07 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Vianca\Desktop\aswMBR.exe
[2011/10/30 16:13:04 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Vianca\Desktop\dds.scr
[2011/10/30 15:16:54 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/30 15:14:38 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Vianca\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/30 15:00:08 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/10/29 12:10:40 | 000,000,448 | ---- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011/10/29 12:09:31 | 000,000,192 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011/10/29 12:09:30 | 000,000,088 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011/10/28 11:16:31 | 000,007,052 | ---- | M] () -- C:\Users\Vianca\AppData\Local\d3d9caps.dat
[2011/10/21 13:31:35 | 000,933,758 | ---- | M] () -- C:\Users\Vianca\Desktop\Scan004.jpg
[2011/10/21 13:26:52 | 005,108,422 | ---- | M] () -- C:\Users\Vianca\Desktop\Scan003.jpg
[2011/10/19 16:56:50 | 000,027,760 | ---- | M] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011/10/19 16:56:49 | 000,130,760 | ---- | M] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/10/19 16:56:49 | 000,097,312 | ---- | M] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/10/07 12:04:48 | 000,000,000 | ---- | M] () -- C:\Windows\DVM.INI
[2011/10/07 12:00:08 | 000,000,781 | ---- | M] () -- C:\Users\Vianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk
[2011/10/06 17:50:12 | 000,006,656 | ---- | M] () -- C:\Users\Vianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Vianca\AppData\Local\*.tmp files -> C:\Users\Vianca\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/31 21:58:32 | 4024,258,560 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/31 21:43:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/31 21:43:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/31 21:43:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/31 21:43:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/31 21:43:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/31 17:52:54 | 000,302,592 | ---- | C] () -- C:\Users\Vianca\Desktop\6teqoz3k.exe
[2011/10/31 13:13:55 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\WebReg Officejet 6500 E709n Series.job
[2011/10/31 06:34:24 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2011/10/31 04:32:17 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2011/10/31 04:32:09 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2011/10/31 04:32:07 | 000,052,760 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/10/31 04:32:04 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2011/10/31 04:32:04 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2011/10/31 04:32:03 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2011/10/31 04:31:33 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2011/10/31 04:31:24 | 000,357,904 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2011/10/31 04:13:00 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2011/10/31 04:12:40 | 000,112,120 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2011/10/31 04:12:16 | 000,406,528 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2011/10/31 04:12:01 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2011/10/31 04:11:54 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2011/10/31 03:58:28 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2011/10/31 03:58:23 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2011/10/31 03:58:22 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2011/10/31 03:26:45 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax
[2011/10/31 03:26:35 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll
[2011/10/31 03:26:33 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax
[2011/10/31 03:22:05 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\winrsmgr.dll
[2011/10/31 03:22:01 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\wsmplpxy.dll
[2011/10/31 03:22:01 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\winrssrv.dll
[2011/10/31 03:21:32 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\pwrshplugin.dll
[2011/10/31 03:21:31 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\winrs.exe
[2011/10/31 03:21:31 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\winrshost.exe
[2011/10/31 03:21:31 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\wsmprovhost.exe
[2011/10/31 03:21:16 | 000,232,960 | ---- | C] () -- C:\Windows\SysNative\wecsvc.dll
[2011/10/31 03:21:16 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wevtfwd.dll
[2011/10/31 03:21:16 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wecutil.exe
[2011/10/31 03:21:16 | 000,084,992 | ---- | C] () -- C:\Windows\SysNative\wecapi.dll
[2011/10/31 03:21:16 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\WsmRes.dll
[2011/10/31 03:21:03 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2011/10/31 03:21:03 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2011/10/31 03:21:03 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2011/10/31 03:21:03 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2011/10/31 03:21:03 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2011/10/31 03:21:03 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2011/10/31 03:20:59 | 000,310,272 | ---- | C] () -- C:\Windows\SysNative\WsmWmiPl.dll
[2011/10/31 03:20:59 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\WsmAuto.dll
[2011/10/31 03:20:58 | 000,370,688 | ---- | C] () -- C:\Windows\SysNative\winrscmd.dll
[2011/10/31 03:20:58 | 000,348,672 | ---- | C] () -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2011/10/31 03:20:57 | 002,050,048 | ---- | C] () -- C:\Windows\SysNative\WsmSvc.dll
[2011/10/31 03:20:57 | 000,352,768 | ---- | C] () -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2011/10/30 16:41:51 | 282,950,735 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/30 15:16:54 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/30 15:16:45 | 000,025,416 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/10/30 15:00:08 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/10/30 14:59:49 | 000,130,760 | ---- | C] () -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/10/30 14:59:49 | 000,097,312 | ---- | C] () -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/10/30 14:59:49 | 000,027,760 | ---- | C] () -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011/10/30 14:55:30 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe
[2011/10/30 14:54:48 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/10/30 14:54:45 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2011/10/30 14:54:42 | 000,461,312 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2011/10/30 14:54:31 | 005,702,144 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/10/30 14:54:27 | 007,016,960 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/10/30 14:54:26 | 002,452,872 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2011/10/30 14:54:24 | 001,427,968 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/10/30 14:54:24 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/10/30 14:54:23 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/10/30 14:54:22 | 000,759,808 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/10/30 14:54:22 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/10/30 14:54:21 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/10/30 14:54:21 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/10/30 14:54:21 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/10/30 14:54:19 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011/10/30 14:54:19 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011/10/30 14:54:19 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/10/30 14:54:18 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/10/30 14:54:18 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2011/10/30 14:54:18 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/10/30 14:54:17 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/10/30 14:54:17 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011/10/30 14:53:50 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2011/10/30 14:53:48 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2011/10/30 14:53:44 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2011/10/30 14:53:35 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2011/10/30 14:53:32 | 002,762,240 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/10/30 14:53:29 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/10/30 14:53:29 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/10/30 14:53:29 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/10/30 14:53:20 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2011/10/30 14:53:11 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2011/10/30 14:52:46 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\consent.exe
[2011/10/30 14:52:31 | 000,301,568 | ---- | C] () -- C:\Windows\SysNative\shsvcs.dll
[2011/10/30 14:52:21 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2011/10/30 14:52:20 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2011/10/30 14:52:16 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\bowser.sys
[2011/10/30 14:52:14 | 000,560,128 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2011/10/30 14:52:13 | 000,416,768 | ---- | C] () -- C:\Windows\SysNative\sbe.dll
[2011/10/30 14:52:12 | 000,226,816 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2011/10/30 14:52:12 | 000,210,944 | ---- | C] () -- C:\Windows\SysNative\sbeio.dll
[2011/10/30 14:52:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2011/10/30 14:51:56 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2011/10/30 14:51:51 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2011/10/30 14:51:42 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2011/10/30 14:51:42 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2011/10/30 14:51:34 | 001,075,600 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2011/10/30 14:51:34 | 001,062,800 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2011/10/30 14:51:34 | 000,990,096 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2011/10/30 14:51:34 | 000,979,344 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2011/10/30 14:51:33 | 000,020,880 | ---- | C] () -- C:\Windows\SysNative\kdusb.dll
[2011/10/30 14:51:33 | 000,018,832 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2011/10/30 14:51:33 | 000,018,320 | ---- | C] () -- C:\Windows\SysNative\kdcom.dll
[2011/10/30 14:51:22 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2011/10/30 14:51:20 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/10/30 14:51:15 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2011/10/30 14:51:09 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2011/10/30 14:51:06 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe
[2011/10/30 14:51:02 | 002,424,320 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2011/10/30 14:51:01 | 000,730,624 | ---- | C] () -- C:\Windows\SysNative\mstsc.exe
[2011/10/30 14:50:58 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll
[2011/10/30 14:50:52 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2011/10/30 14:50:51 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2011/10/30 14:50:51 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2011/10/30 14:50:51 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2011/10/30 14:50:51 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2011/10/30 14:50:51 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2011/10/30 14:50:51 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2011/10/30 14:50:51 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2011/10/30 14:50:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2011/10/30 14:50:46 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl
[2011/10/30 14:50:41 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2011/10/30 14:50:39 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2011/10/30 14:50:37 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2011/10/30 14:50:36 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2011/10/30 14:50:36 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2011/10/30 14:50:36 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2011/10/30 14:50:36 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2011/10/30 14:50:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2011/10/30 14:50:18 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2011/10/30 14:50:11 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2011/10/30 14:49:48 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2011/10/30 14:49:46 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2011/10/30 14:49:43 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2011/10/30 14:49:39 | 000,439,808 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2011/10/30 14:49:36 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL
[2011/10/30 14:49:33 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2011/10/30 14:49:33 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2011/10/30 14:49:32 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2011/10/30 14:49:32 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2011/10/30 14:49:31 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2011/10/30 14:49:31 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2011/10/30 14:49:27 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2011/10/30 14:49:23 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2011/10/30 14:49:21 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/10/30 14:49:21 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/10/30 14:49:18 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2011/10/30 14:49:12 | 000,462,848 | ---- | C] () -- C:\Windows\SysNative\odbc32.dll
[2011/10/30 14:48:58 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2011/10/30 14:48:56 | 000,454,144 | ---- | C] () -- C:\Windows\SysNative\shlwapi.dll
[2011/10/30 14:48:41 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll
[2011/10/30 14:48:41 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE
[2011/10/30 14:48:40 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE
[2011/10/30 14:48:40 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE
[2011/10/30 14:48:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe
[2011/10/30 14:48:40 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2011/10/30 14:48:40 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2011/10/30 14:48:39 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE
[2011/10/30 14:48:39 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2011/10/30 14:47:52 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/10/30 14:47:46 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2011/10/30 14:47:36 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2011/10/30 14:47:24 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2011/10/30 14:47:24 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2011/10/30 14:47:13 | 001,794,560 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2011/10/30 14:47:07 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011/10/30 14:47:01 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe
[2011/10/30 14:47:01 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe
[2011/10/30 14:47:00 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011/10/30 14:47:00 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011/10/30 14:46:59 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll
[2011/10/30 14:46:59 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll
[2011/10/30 14:46:58 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll
[2011/10/30 14:46:58 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011/10/30 14:46:58 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll
[2011/10/30 14:46:53 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2011/10/30 14:46:49 | 004,678,032 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2011/10/30 14:46:48 | 001,562,008 | ---- | C] () -- C:\Windows\SysNative\ntdll.dll
[2011/10/30 14:46:44 | 001,251,840 | ---- | C] () -- C:\Windows\SysNative\sdclt.exe
[2011/10/30 14:46:39 | 000,367,616 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2011/10/30 14:46:38 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2011/10/30 14:46:37 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2011/10/30 14:46:35 | 000,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll
[2011/10/30 14:46:34 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll
[2011/10/30 14:46:27 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2011/10/30 14:46:07 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2011/10/30 14:46:04 | 000,450,048 | ---- | C] () -- C:\Windows\SysNative\winsrv.dll
[2011/10/30 14:46:03 | 000,085,504 | ---- | C] () -- C:\Windows\SysNative\csrsrv.dll
[2011/10/30 14:46:02 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll
[2011/10/30 14:45:37 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2011/10/30 14:45:34 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2011/10/30 14:45:34 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2011/10/30 14:45:34 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2011/10/30 14:45:31 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2011/10/30 14:45:30 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2011/10/30 14:45:23 | 001,360,384 | ---- | C] () -- C:\Windows\SysNative\mfc42u.dll
[2011/10/30 14:45:22 | 001,398,784 | ---- | C] () -- C:\Windows\SysNative\mfc42.dll
[2011/10/30 14:45:16 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll
[2011/10/30 14:45:16 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll
[2011/10/30 14:45:14 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll
[2011/10/30 14:45:12 | 000,221,184 | ---- | C] () -- C:\Windows\SysNative\dnsapi.dll
[2011/10/30 14:45:11 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\dnsrslvr.dll
[2011/10/30 14:45:11 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\dnscacheugc.exe
[2011/10/30 14:45:08 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2011/10/30 14:45:07 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll
[2011/10/30 14:45:07 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll
[2011/10/30 14:45:06 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll
[2011/10/30 14:45:06 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll
[2011/10/30 14:45:06 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll
[2011/10/30 14:45:06 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll
[2011/10/30 14:21:10 | 000,854,528 | ---- | C] () -- C:\Windows\SysNative\schedsvc.dll
[2011/10/30 14:21:09 | 000,655,872 | ---- | C] () -- C:\Windows\SysNative\taskschd.dll
[2011/10/30 14:21:09 | 000,499,712 | ---- | C] () -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/10/30 14:21:08 | 000,410,112 | ---- | C] () -- C:\Windows\SysNative\taskcomp.dll
[2011/10/30 14:21:08 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\taskeng.exe
[2011/10/30 14:11:51 | 000,270,720 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2011/10/29 17:49:23 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2011/10/29 17:49:20 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2011/10/29 17:39:30 | 000,043,744 | ---- | C] () -- C:\Windows\SysNative\wups2.dll
[2011/10/29 17:39:29 | 002,621,440 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll
[2011/10/29 17:39:29 | 002,424,024 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll
[2011/10/29 17:39:29 | 000,057,560 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe
[2011/10/29 17:39:09 | 000,098,816 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll
[2011/10/29 17:39:09 | 000,038,112 | ---- | C] () -- C:\Windows\SysNative\wups.dll
[2011/10/29 17:39:08 | 000,700,640 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll
[2011/10/29 17:38:57 | 000,185,416 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll
[2011/10/29 17:38:57 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe
[2011/10/29 12:09:30 | 000,000,192 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011/10/29 12:09:30 | 000,000,088 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011/10/29 12:09:27 | 000,000,448 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011/10/21 13:29:48 | 000,933,758 | ---- | C] () -- C:\Users\Vianca\Desktop\Scan004.jpg
[2011/10/21 13:26:52 | 005,108,422 | ---- | C] () -- C:\Users\Vianca\Desktop\Scan003.jpg
[2011/10/07 12:04:48 | 000,000,000 | ---- | C] () -- C:\Windows\DVM.INI
[2011/10/07 12:00:08 | 000,000,781 | ---- | C] () -- C:\Users\Vianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk
[2011/09/10 17:42:42 | 000,186,604 | ---- | C] () -- C:\Windows\hpwins23.dat.temp
[2011/09/10 17:42:42 | 000,001,847 | ---- | C] () -- C:\Windows\hpwmdl23.dat.temp
[2011/08/31 18:58:25 | 000,000,732 | ---- | C] () -- C:\Users\Vianca\AppData\Local\d3d9caps64.dat
[2010/01/27 12:03:37 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/01 14:49:01 | 000,006,656 | ---- | C] () -- C:\Users\Vianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/25 18:37:54 | 000,228,982 | ---- | C] () -- C:\Windows\hpwins23.dat
[2009/10/25 00:30:45 | 000,007,052 | ---- | C] () -- C:\Users\Vianca\AppData\Local\d3d9caps.dat
[2009/10/23 14:38:05 | 000,002,902 | ---- | C] () -- C:\Users\Vianca\AppData\Roaming\wklnhst.dat
[2009/08/12 20:32:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/04/08 03:15:12 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/04/08 03:15:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/08 03:04:50 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/12/10 09:28:16 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2008/10/25 05:30:45 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

 

[candygirl]

OTL log (part 3)

========== LOP Check ==========

[2010/01/18 16:04:15 | 000,000,000 | ---D | M] -- C:\Users\Vianca\AppData\Roaming\acccore
[2010/01/03 16:41:40 | 000,000,000 | ---D | M] -- C:\Users\Vianca\AppData\Roaming\CiscoCAA
[2011/04/04 21:47:36 | 000,000,000 | ---D | M] -- C:\Users\Vianca\AppData\Roaming\RDE_RESS
[2009/10/23 14:38:08 | 000,000,000 | ---D | M] -- C:\Users\Vianca\AppData\Roaming\Template
[2010/10/01 20:06:43 | 000,000,000 | ---D | M] -- C:\Users\Vianca\AppData\Roaming\WildTangent
[2011/10/31 21:40:45 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/01/20 22:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2011/10/31 21:56:50 | 000,022,554 | ---- | M] () -- C:\ComboFix.txt
[2011/10/31 21:58:32 | 4024,258,560 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/18 16:04:08 | 000,000,362 | ---- | M] () -- C:\IPH.PH
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/10/31 21:58:30 | 042,876,927 | -HS- | M] () -- C:\pagefile.sys
[2011/10/31 22:40:51 | 000,072,102 | ---- | M] () -- C:\TDSSKiller.2.6.14.0_31.10.2011_22.23.27_log.txt
[2011/09/10 18:42:24 | 000,000,321 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\Fonts\*.com >
[2006/11/02 11:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 11:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 11:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 11:06:41 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 23:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/24 18:33:40 | 000,000,286 | -HS- | M] () -- C:\Users\Vianca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/10/31 17:52:55 | 000,302,592 | ---- | M] () -- C:\Users\Vianca\Desktop\6teqoz3k.exe
[2011/10/30 16:38:07 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Vianca\Desktop\aswMBR.exe
[2011/10/31 21:25:09 | 004,279,921 | R--- | M] (Swearware) -- C:\Users\Vianca\Desktop\ComboFix.exe
[2011/10/30 15:14:38 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Vianca\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/31 22:40:47 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Vianca\Desktop\OTL.exe
[2011/10/31 22:22:40 | 001,564,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Vianca\Desktop\tdsskiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/10/23 16:01:26 | 000,000,402 | -HS- | M] () -- C:\Users\Vianca\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/10/29 12:10:40 | 000,000,448 | ---- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2009/11/29 17:06:04 | 000,016,733 | ---- | M] () -- C:\ProgramData\HPWALog.txt
[2011/09/30 10:10:19 | 000,003,417 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2009/08/12 21:10:57 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/04/08 05:01:09 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/08/12 21:09:19 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/04/08 04:51:58 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/08/12 21:07:02 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/08/12 21:10:12 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/04/08 04:49:31 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/04/08 05:00:24 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/08/12 21:11:08 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2011/10/29 12:09:31 | 000,000,192 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011/10/29 12:09:30 | 000,000,088 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

 

[candygirl]

Extras log

OTL Extras logfile created on: 10/31/2011 10:43:19 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Vianca\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.62 Gb Available Physical Memory | 69.87% Memory free
7.71 Gb Paging File | 6.27 Gb Available in Paging File | 81.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.71 Gb Total Space | 325.72 Gb Free Space | 72.11% Space Free | Partition Type: NTFS
Drive D: | 14.05 Gb Total Space | 2.13 Gb Free Space | 15.19% Space Free | Partition Type: NTFS

Computer Name: PIMPONE | User Name: Vianca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" ()
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08DAD821-1EBA-4A03-B183-6182E05E4878}" = rport=138 | protocol=17 | dir=out | app=system |
"{0C7FC6FC-29FD-4914-9E3D-3C3B43107FC9}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C966F61-B40A-4F8F-9EBF-7556F096B2A2}" = lport=445 | protocol=6 | dir=in | app=system |
"{0D1B5809-D4DD-444E-97C4-2471CD971277}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{1334881C-195F-4376-8DE9-BDDCB4D82E26}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{48141E18-996E-4FA0-B36C-361A6031DABD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F4DD9CD-AA24-4A17-9946-6440BA002D9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7C91FCCC-6790-43E1-A9B9-02F7D3AF8E7F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{80C35320-4DE2-4922-9DF5-0030D922942E}" = lport=138 | protocol=17 | dir=in | app=system |
"{822D36E1-C71F-44A2-B7EA-23C877835986}" = lport=137 | protocol=17 | dir=in | app=system |
"{C81499B4-9356-4775-9823-3994A38F7E4C}" = rport=139 | protocol=6 | dir=out | app=system |
"{ED029647-0753-4575-A245-09B55D7C296A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F0A9BEA8-42B0-4906-8860-45C50B663FAC}" = lport=139 | protocol=6 | dir=in | app=system |
"{F0D72C1D-631F-497C-9028-285EBBA10F86}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B775524-1501-4E38-927F-A42B89632B49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{0CF5A279-9580-4B1D-AD78-FADDA6868FB3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0F28D12A-5A2A-410B-962C-C49D50B40F56}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{14BA3A1C-DE83-45B5-A3C5-E78FBBBC304B}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{1825EAC6-ED85-467C-A166-DE2FA4E58BB8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{27B93840-5B5E-4604-9886-C0A9DC5E50C8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{29A1ABC8-303C-457A-8D32-F083A83EBEA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{2D7AB251-ED20-4770-9596-4B91646FFA8B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{326A4E40-66E5-46F1-A38E-7FD99B4818B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4067216D-7C9E-495F-B338-EA023DAF4251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{49BEA2E8-E1BA-4309-BC4E-CFA08460BD98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{4F7C3129-2A96-4AEC-B1F9-FB6568063FB5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5269F77F-EBCB-4E02-8141-A4E1C0797AFD}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{56222293-F471-4523-BD32-8422A661EFEE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{5C63FBC1-44A6-440A-910F-F8988EE24AE8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{5F6A21AD-3D9F-47C7-BF3C-4A3A388B3D01}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{60210D7B-C9DA-4BE1-AC86-74E043EDD6A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{615DFC89-0A9E-4A34-BF57-41EC0F87A14D}" = dir=in | app=e:\setup\hpznui40.exe |
"{63E2A398-3F84-44F8-822D-4A1EDAA3822A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{6805F3F2-AA2C-4FD0-8269-C79E17A71891}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{6826CEA8-D679-4355-A44C-82FA6B68F9BD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{7406A02F-2E31-43A1-9DD3-929B11684C40}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{76E6F4B5-2A14-41DC-94C2-526CB118468A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{789A4E18-367D-4081-A7CB-5032FDC27340}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8641BC1B-8E11-4CC5-B870-38C6C5C0C414}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{90E79E02-5C32-4239-953C-474304CF9E0E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{94AE56A4-886B-492C-B3E8-BB8B75956AAC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{97E5A4FE-5074-4744-B58A-FF15B39B0ECD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{9BEF70F7-151A-450D-8B6E-38BFD5A5777C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9EDFAEA6-3277-422F-A079-B7B033FFB70E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{A3C971E6-3B03-4D85-93B1-57B528E35DDC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{A7D742A3-4D2F-409A-AFDA-2422D9D7BB02}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{A8191484-4D65-4D20-99D0-73C13F0BA1BB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AF4D0414-D11E-49CC-8645-99C76A4A880C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{B593AB3C-17A5-4C1B-9950-7EA8B9317315}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B7C28D88-70F6-45AC-A4E7-CDC01FCC68D4}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{BD28C7DA-E449-4E71-8C3D-8F0454D99A61}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{BE94526F-106A-4E7A-B6A2-586448DCC225}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{BECC5E8A-6F2C-4EE7-82F6-208D9997A58E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{BFB30C88-F930-48D3-92E3-26A5F6449140}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{D6CFDCA7-E216-476B-9B47-53DB6D374DE8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{E1F0F25D-6B49-4EBF-989D-7E553954CCBA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EA330412-A14E-4F31-8A92-19EAAB540C59}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{ED75927C-9A88-407B-A0ED-D59EA825817E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{EF1C5B62-AFB5-47DA-99B8-0FE591DB02CE}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{F4F97645-61B2-4168-9324-AD6490DD67EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{F529D461-4EFF-45C7-9FE6-6C28F1ACF2FA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F84B7AE5-577B-4847-B1C8-DCE1E0E69F5D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{FEDECED0-0764-4CA5-A4FF-440D77533EBE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{58D79E62-CFC8-4331-8469-3A1B16E1769C}" = HP Officejet 6500 E709 Series
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B87BB2A8-5921-9B18-BBB5-D9A42F9CD3E1}" = ccc-utility64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C6CFAF5A-12F9-485E-EAD7-7FA1D3E5B943}" = ATI Catalyst Install Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002471C5-6F62-D6CD-D6E5-A0F20F079B8B}" = Catalyst Control Center Localization Polish
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{03819281-0870-65EE-24B0-A7DEDE9F796A}" = Catalyst Control Center Localization Chinese Traditional
"{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent
"{04F66470-CEA7-BF9A-1885-8E1A3474825A}" = CCC Help Danish
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08062F2F-926A-D7EC-57E9-AB97AA0D7FDA}" = CCC Help Finnish
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0CAB8CDF-232E-F28F-A017-B388F41FACCB}" = CCC Help Portuguese
"{0E52A52C-E120-461C-AA1B-21B045BEE842}" = bpd_scan
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{150FE68F-EE0C-4867-150A-D74FECBB8448}" = Catalyst Control Center Graphics Light
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2680244D-0FBA-4856-EBE3-9D67E61EB46F}" = Catalyst Control Center Localization Spanish
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BDFE775-48C0-3E1C-895C-DACC33CC52F0}" = Catalyst Control Center Localization Greek
"{2DAD2930-DFC1-AD0F-E63D-B3E95451CD68}" = CCC Help Greek
"{2F59397E-50B1-3CA6-2F8C-03773D40BE3B}" = Catalyst Control Center Graphics Full New
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{35CC44E6-5916-89DC-16B6-7ADE609211CE}" = Catalyst Control Center Localization Finnish
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3A9C19FE-D61C-50DA-6FAF-7FB941B538A0}" = Catalyst Control Center Localization French
"{3BAB23A6-5272-F52D-1AF0-29419F1362B4}" = Catalyst Control Center Localization Italian
"{3BE02281-FCCF-44BB-8413-AC4A633059EB}" = BPDSoftware
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{445F6483-40DC-61B5-849D-35274D96DBA3}" = Catalyst Control Center Localization Czech
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{4A239818-F5F7-7AE8-9FD3-08F435ED88D0}" = Skins
"{4C17CE6E-4838-819F-01BE-7EEE6181914A}" = Catalyst Control Center Localization Norwegian
"{4C4EA31F-AE29-2517-5E92-3EFB1FD7B896}" = CCC Help Hungarian
"{527CF1CA-D98B-504D-833B-69DA9A8A5AD6}" = CCC Help Czech
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B99A0A7-0B21-2CD6-474D-8D67177BD4D6}" = Catalyst Control Center Localization Dutch
"{5CFE0191-1ECE-7BD5-8AEF-069ED59A01BB}" = Catalyst Control Center Localization Korean
"{6244BAF3-F26D-A695-1EF6-D9A3C0A6DAA1}" = Catalyst Control Center Graphics Previews Common
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6570A194-A52D-9F23-EA48-90D7C6F20BE9}" = Catalyst Control Center Localization Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{666F0B45-78DA-FAA3-AB14-43CAEEA3D475}" = Catalyst Control Center Localization Russian
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66B6555E-07BF-3FCB-191F-BCD75650F1F2}" = CCC Help Italian
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{67F6A6BA-E225-4BF5-8E7C-BB4AE25EDCBC}" = Catalyst Control Center InstallProxy
"{68654483-9629-4CF5-88FF-9FB70B3BECDE}" = ProductContext
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E1907C-E9EA-7A5A-79ED-47FF2B5BFDFB}" = Catalyst Control Center Localization Danish
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{75D0438A-55FB-DD38-0745-5D370179CAC7}" = CCC Help French
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{793C0C7E-7977-C9B5-B427-FDF95F2D1636}" = Catalyst Control Center Localization Hungarian
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{7CA1269D-86E6-91A8-DD66-9CF6838821BF}" = Catalyst Control Center Localization Portuguese
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{812C53D9-39EC-0511-04E4-5430A4747FB5}" = CCC Help German
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{99F67894-9486-413F-94E1-8B12B1606EAB}" = BPDSoftware_Ini
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9ED8D610-516F-490D-B61C-AC21FDACF478}" = Real Estate Success Software
"{A1940302-F0F9-132F-C521-A5D0E24FAC1D}" = CCC Help Thai
"{A2315CF8-E14F-FA46-B1F1-20E0E5483ADB}" = Catalyst Control Center Localization Thai
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A8411EDB-6A00-8D1A-584B-7A932F44A0C9}" = CCC Help Japanese
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA787E05-E835-4812-AA3D-4048C8A46587}" = 6500_E709_eDocs
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC5CD4CF-3802-623E-AD97-D188785EF411}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B9275904-9237-94A3-2144-E3D6A62B57E9}" = CCC Help Turkish
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB558CDC-C7BE-44D0-9260-B810D66702C4}" = 6500_E709n
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C48EB957-0CCB-D590-AB3F-B3F8A14ECC2F}" = Catalyst Control Center Graphics Full Existing
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBA7FD59-19A7-5724-5646-CF307326CC18}" = Catalyst Control Center Core Implementation
"{CC7A4274-E6F2-2351-DA6A-07AB73896609}" = CCC Help Norwegian
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD7D2C01-F3C8-4127-325D-49853FCCDB62}" = Catalyst Control Center Localization German
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1E7EA15-5F96-728C-AF32-E1CFF8F9CE44}" = CCC Help Swedish
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D47419B2-62BD-6B53-A96F-7E2F6F3D50C0}" = Catalyst Control Center Localization Turkish
"{D62C79B5-44E0-DEC0-AF01-6A1404E093E9}" = CCC Help Spanish
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E12F2B78-CF64-2438-391F-3D3411A6E193}" = CCC Help English
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5C3A144-0F9B-8F3E-F1A3-2BB7B26014A6}" = ccc-core-static
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{E8B11A27-5CA6-748E-0F68-159CCF789DF3}" = CCC Help Dutch
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{ED65A382-3F80-D5A8-CCE0-DAB59D85CA91}" = CCC Help Russian
"{EDBB71B2-3C17-4EA5-ED91-E2EA5C2305CF}" = CCC Help Korean
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F250EA7A-F117-2CCE-03E7-BB62C2BF476C}" = Catalyst Control Center Graphics Previews Vista
"{F38CC586-4703-CE3C-F466-D7821E87926A}" = Catalyst Control Center Localization Chinese Standard
"{F53B432E-BD19-4400-BFA0-2BBD16410F8F}" = 6500_E709_Help
"{F62F62BD-E5C5-56E3-6CF6-00407B743E32}" = CCC Help Chinese Traditional
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FAF7448B-7AB8-8C58-745E-1551CB481C3D}" = CCC Help Chinese Standard
"{FDE3DBB7-AA79-AA91-ABE9-3696883FAB20}" = Catalyst Control Center Localization Japanese
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"Avira AntiVir Desktop" = Avira Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{9ED8D610-516F-490D-B61C-AC21FDACF478}" = Real Estate Success Software
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"RCA Detective™_is1" = RCA Detective™ 3.0.1.1
"RCA Digital Voice Manager_is1" = RCA Digital Voice Manager 5.3.3.0
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/31/2011 6:48:05 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33311627

Error - 10/31/2011 6:48:05 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 33311627

Error - 10/31/2011 6:48:06 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/31/2011 6:48:06 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33312672

Error - 10/31/2011 6:48:06 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 33312672

Error - 10/31/2011 6:48:07 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/31/2011 6:48:07 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33313702

Error - 10/31/2011 6:48:07 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 33313702

Error - 10/31/2011 6:48:08 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/31/2011 6:48:08 AM | Computer Name = PimpOne | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33314747

[ System Events ]
Error - 6/12/2011 5:01:14 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0228)
disappeared from the system without first being prepared for removal.

Error - 6/12/2011 5:01:14 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0328)
disappeared from the system without first being prepared for removal.

Error - 6/12/2011 5:01:14 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428)
disappeared from the system without first being prepared for removal.

Error - 6/13/2011 7:43:12 PM | Computer Name = PimpOne | Source = HTTP | ID = 15016
Description =

Error - 6/13/2011 7:47:32 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X SD/MMC Host Controller' (PCI\VEN_197B&DEV_2382&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0028)
disappeared from the system without first being prepared for removal.

Error - 6/13/2011 7:47:33 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X SD Host Controller' (PCI\VEN_197B&DEV_2381&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0228)
disappeared from the system without first being prepared for removal.

Error - 6/13/2011 7:47:33 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X MS Host Controller' (PCI\VEN_197B&DEV_2383&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0328)
disappeared from the system without first being prepared for removal.

Error - 6/13/2011 7:47:33 PM | Computer Name = PimpOne | Source = PlugPlayManager | ID = 12
Description = The device 'JMB38X xD Host Controller' (PCI\VEN_197B&DEV_2384&SUBSYS_30FC103C&REV_00\4&3b4983b4&0&0428)
disappeared from the system without first being prepared for removal.

Error - 6/13/2011 10:37:59 PM | Computer Name = PimpOne | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:34:58 PM on 6/13/2011 was unexpected.

Error - 6/13/2011 10:38:07 PM | Computer Name = PimpOne | Source = HTTP | ID = 15016
Description =


< End of report >

 

[Broni]

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.

===================================================================

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
  O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
  O15 - HKU\S-1-5-21-1188132796-2589654712-3005709553-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
  [1 C:\Users\Vianca\AppData\Local\*.tmp files -> C:\Users\Vianca\AppData\Local\*.tmp -> ]
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

=====================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  
  NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[candygirl]

JavaRa

With regards to this step:

Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.

When I right-click on JavaRa.exe "Run as admin" is not an option. The options are:
Open
Cut
Copy
Properties

Open anyway?

 

[Broni]

Yes...........

 

[candygirl]

Just finished OTL, but...

upon rebooting Avira popped up an alert:

Malware found
Type: Detection
Virus or unwanted program 'TR/Dropper.Gen [trojan]'
detected in file 'C:\Program Files (x86)\Cisco Systems\Clean Access Agent\CCAAgent.exe.
Action performed: Deny access

 

[Broni]

Possibly false positive.
It looks like a legit program to me.

We'll double check when you run Eset scan.

 

[candygirl]

Accessing log for latest OTL scan

Is the log created by OTL automatically saved? If so, where might I find it? I accidentally closed the window before posting the log here.

 

[Broni]

Re-run the fix.

 

[candygirl]

OTL log

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry value HKEY_USERS\S-1-5-21-1188132796-2589654712-3005709553-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
File/Folder C:\Users\Vianca\AppData\Local\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Vianca
->Temp folder emptied: 32203 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 12971688 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 628 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3740 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 12.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Vianca
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11012011_000407

Files\Folders moved on Reboot...
C:\Users\Vianca\AppData\Local\Temp\ehmsas.txt moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR8TCJ66\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEGQZSCR\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHT21D56\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQSEORSK\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...

 

[candygirl]

Security Check log

Results of screen317's Security Check version 0.99.24
Windows Vista x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
Avira Free Antivirus
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 29
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player ( 10.0.32.18) Flash Player Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

 

[candygirl]

Disabling anti-vir before TFC

Since I am still having trouble disabling my anti-virus, should I perform the TFC scan in safe mode?

 

[Broni]

No. You don't have to disable your AV program to run TFC.

Also....

Uninstall Java(TM) 6 Update 7 .

 

[candygirl]

How long should ESET take?

I know you stated to be patient because it can take some time, but on the three occasions I have attempted the scan, I have fallen asleep resulting in my computer going into hibernation. How long should this step take? The last scan ran for almost 2.5 hours at (showed 99% complete starting at about 40 minutes).

Thank you for all the help you have provided and for having so much patience with me!

 

[Broni]

Which scan are you referring to. TFC, or Eset?

 

[candygirl]

Eset

 

[Broni]

Please, run F-Secure Online Scanner

• Disable your Antivirus program.
• Checkmark I have read and accepted the license terms.
• Click on Run Check button.
• Quick scan (recommended) option will come pre-checked. Don't change it.
• Click on Start button.
• When scan is done, in Step 3: Clean the files, leave all settings as they're.
• Click Next button.
• Click Full report... button.
• Copy report's content and paste it into your next reply.

 

[Broni]

Still with me?

 

[candygirl]

Unfortunately, my computer was physically damaged by a visitor to my home and I just got it back from being repaired. Because I was away from the topic for more than 5 days, the thread was made inactive.

So, here I am trying to finish what was put on pause. The last step you had asked me to perform was an F-secure On-line scan. This is the full report:

Scanning Report
Wednesday, November 16, 2011 11:45:09 - 11:55:06

Computer name: PIMPONE
Scanning type: Quick scan
Target: System
14 malware found
TrackingCookie.Questionmarket (spyware)

System (Disinfected)

TrackingCookie.2o7 (spyware)

System (Disinfected)

TrackingCookie.Advertising (spyware)

System (Disinfected)

TrackingCookie.Atdmt (spyware)

System (Disinfected)

TrackingCookie.Adtech (spyware)

System (Disinfected)

TrackingCookie.Doubleclick (spyware)

System (Disinfected)

TrackingCookie.Revsci (spyware)

System (Disinfected)

TrackingCookie.WebTrendsLive (spyware)

System (Disinfected)

TrackingCookie.Fastclick (spyware)

System (Disinfected)

TrackingCookie.Adbrite (spyware)

System (Disinfected)

TrackingCookie.Mediaplex (spyware)

System (Disinfected)

TrackingCookie.Liveperson (spyware)

System (Disinfected)

TrackingCookie.Atwola (spyware)

System (Disinfected)

TrackingCookie.Yieldmanager (spyware)

System (Disinfected)

Statistics
Scanned:

Files: 5309
System: 5309
Not scanned: 0

Actions:

Disinfected: 14
Renamed: 0
Deleted: 0
Not cleaned: 0
Submitted: 0

Options
Scanning engines: