also @ TechSpot: 'Supercapacitor' could fully charge your phone in less than 30 seconds

TechSpot

TechSpot News Products Downloads Forums

About
Sign in

Welcome to TechSpot

Why should I register?

Sign up for a new account or log in here:

Forgot your password?

Couldn't sign you in, please try again.

Unknown virus/malware - black screen w/ cursor after startup

Discussion in 'Virus and Malware Removal' started by KenBrown2, Nov 6, 2011.

Post New Reply

Page 1 of 2

KenBrown2 Newcomer, in training Posts: 59

Hello,

I am having issues with my wife's laptop. The past couple of days she would get error messages that "rundll32.exe" has stopped working, and various other processes. I went into the task manager, and it seemed as if there were multiple of the same processes running. It was late, and I figured I would contact you guys today...however, when I tried to get onto the computer and run the usual items you guys ask to run before posting, I was unable to get into windows. Now, directly after the load screen (windows symbol, with boot options and bios), the screen is completely black with a cursor in the top left.

Thank you so much for all you guys do! You have helped me in the past so much, and I know you will help again!!

Ken

KenBrown2, Nov 6, 2011

#1
Broni Malware Annihilator Posts: 39,324 +175

Safe issue in Safe Mode?

Any particular reason you abandoned this topic: http://www.techspot.com/vb/topic166682.html in the middle of cleaning process?

Broni, Nov 6, 2011

#2
KenBrown2 Newcomer, in training Posts: 59

Hi Broni,

No, there was no reason for leaving that prematurely. I thought the process was over and, by mistake, I did not revisit the site after my last post. I apologize for ending that thread before everything had been solved. I assure you that I will make sure the issue is resolved when you say it is resolved, and not when I think it is!

I'm not sure what you mean by: "Safe issue in Safe Mode." I press the power-on button, and I see the gateway symbol along with the options: F2-BIOs Settings F10-BOOT Menu. I am unable to enter safe mode, via pressing F8 repeatedly or pressing and holding F8....so I am at a loss.

As stated previously, her machine has vista installed and unfortunately I do not have an install/boot/recovery disk for it.

Thank you for your help in advance!

Ken

KenBrown2, Nov 6, 2011

#3
Broni Malware Annihilator Posts: 39,324 +175
I'm not sure what you mean by: "Safe issue in Safe Mode."

LOL...my bad typo.

Let's see, if we can look at your computer booting from an external source.

Please download OTLPE (filesize 120,9 MB)

When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.

Reboot your system using the boot CD you just created.

Note : If you do not know how to set your computer to boot from CD follow the steps HERE

Your system should now display a REATOGO-X-PE desktop.

Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.

Double-click on the OTLPE icon.

When asked Do you wish to load the remote registry, select Yes

When asked Do you wish to load remote user profile(s) for scanning, select Yes

Ensure the box Automatically Load All Remaining Users" is checked and press OK

OTL should now start.

Press Run Scan to start the scan.

When finished, the file will be saved in drive C:\OTL.txt

Copy this file to your USB drive if you do not have internet connection on this system

Please post the contents of the OTL.txt file in your reply.
Broni, Nov 6, 2011

#4
KenBrown2 Newcomer, in training Posts: 59

Broni,

Below are the contents of the OTL.txt file. However, after the scan was done running, a message popped up with the .txt that stated this:

Title: Untitiled - Notepad: notepad.exe - Bad Image

Error: The application or DLL C:\Windows\system32\shell32.dll is not a valid Windows image. Please check this against your installation diskette.

OTL.txt

OTL logfile created on: 11/6/2011 9:07:16 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 63.58 Gb Free Space | 44.14% Space Free | Partition Type: NTFS
Drive D: | 144.04 Gb Total Space | 143.74 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/22 08:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/04/11 02:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Disabled] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2007/10/17 10:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Disabled] -- C:\Windows\System32\drivers\XAudio64.exe -- (XAudioService)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () [Disabled] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/03/18 13:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/04/07 14:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 23:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/06 11:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Disabled] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2009/02/18 13:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 13:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/11/04 02:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/07/20 19:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [Disabled] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/02/12 03:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Disabled] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/10/25 23:28:39 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/10/18 04:15:18 | 007,959,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETwNv64.sys -- (NETwNv64) ___ Intel(R)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/07 14:33:08 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/04/07 14:33:06 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/11/04 02:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 07:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 07:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 07:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/07/28 22:44:20 | 000,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 19:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 03:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 21:29:08 | 007,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 04:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 16:52:44 | 000,126,976 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/06/26 18:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 20:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 03:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 21:10:55 | 000,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 21:10:51 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2008/01/20 21:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 21:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 21:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 21:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:47:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 21:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 21:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 21:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 21:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 21:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 21:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 21:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 21:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 21:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Intel(R)
DRV:64bit: - [2008/01/20 21:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 21:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 21:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 21:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 21:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 21:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 21:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 21:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 21:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 21:46:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 21:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 21:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2007/07/26 05:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 07:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 07:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 07:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 07:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 07:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 07:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 06:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 06:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 06:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 03:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2006/11/02 00:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/09/19 06:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/09/18 16:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 16:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 16:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 16:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2008/06/11 13:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.livingston.org/
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.livingston.org/livingstonps/site/default.asp
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\Owner_ON_C\..\URLSearchHook: {37153479-1976-43c3-a1ee-557513977b64} - Reg Error: Key error. File not found
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56364

[2011/05/13 20:07:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/24 18:42:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/07/01 22:02:49 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/10/24 18:42:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2011/06/18 17:07:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {01794EED-D333-4549-BCE6-1F2201793964} - C:\Users\Owner\AppData\Local\TCPIPSys32.dll (Windows (R) 2000 DDK provider)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Coupons.com Toolbar) - {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files (x86)\Coupons.com\prxtbCou2.dll (Conduit Ltd.)
O2 - BHO: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Coupons.com Toolbar) - {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files (x86)\Coupons.com\prxtbCou2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Coupons.com Toolbar) - {37153479-1976-43C3-A1EE-557513977B64} - C:\Program Files (x86)\Coupons.com\prxtbCou2.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [0B8.exe] C:\Program Files (x86)\LP\3D92\0B8.exe ()
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKU\Owner_ON_C..\Run: [GooglePolicyPolicy] C:\ProgramData\GooglePolicyPolicy.DLL (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [SmileboxTray] C:\Users\Owner\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Owner_ON_C..\Run: [WinRAR Update] C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.DLL (Windows (R) 2000 DDK provider)
O4 - HKU\Owner_ON_C..\Run: [YahooPartnerToolbar Update] C:\Users\Owner\AppData\Local\Apple\AppleUpdate\Appleupdt32.DLL (Microsoft Corporation)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.16.0.cab (SysInfo Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe) - C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O36 - AppCertDlls: dvdppubw - (C:\Windows\system32\igxpgman64.dll) - C:\Windows\SysWow64\igxpgman64.dll File not found
O36 - AppCertDlls: Fireeown - (C:\Windows\system32\igxpgman.dll) - C:\Windows\SysWOW64\igxpgman.dll ()
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/05 14:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\84716
[2011/11/05 14:16:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\20D84
[2011/11/04 02:29:19 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/03 19:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BF43E
[2011/11/03 19:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011/11/03 19:13:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\532BF
[2011/11/01 14:48:29 | 000,510,976 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:08:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2011/10/26 18:52:12 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/23 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FlashDrive_Backup(10-23-11)
[2011/10/15 08:58:13 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaut32.dll
[2011/10/15 08:58:13 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
[2011/10/15 08:58:13 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2011/10/15 08:58:12 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/10/15 08:58:00 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/15 08:58:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/15 08:58:00 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/15 08:58:00 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/15 08:58:00 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/15 08:58:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

Continued...

KenBrown2, Nov 6, 2011

#5

KenBrown2 Newcomer, in training Posts: 59

...Continued

[2011/11/05 23:19:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/05 23:01:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 14:14:13 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/04 02:47:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/04 02:37:05 | 000,000,975 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/11/04 02:29:19 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:16 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/11/04 02:29:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/03 20:08:22 | 000,644,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/03 20:08:22 | 000,117,992 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/03 19:57:51 | 000,002,651 | ---- | M] () -- C:\Users\Owner\Desktop\Word.lnk
[2011/11/02 19:50:24 | 000,060,416 | -H-- | M] () -- C:\Windows\System32\igxpgman64.dll
[2011/11/02 19:50:24 | 000,053,248 | -H-- | M] () -- C:\Windows\SysWow64\igxpgman.dll
[2011/11/01 14:48:29 | 000,510,976 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:04:34 | 000,038,400 | ---- | M] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/26 18:52:12 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/22 12:39:36 | 000,029,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/22 11:11:34 | 000,033,739 | ---- | M] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/10/16 11:40:52 | 000,305,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/04 02:29:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/11/02 19:50:24 | 000,060,416 | -H-- | C] () -- C:\Windows\System32\igxpgman64.dll
[2011/11/02 19:50:24 | 000,053,248 | -H-- | C] () -- C:\Windows\SysWow64\igxpgman.dll
[2011/10/26 22:04:33 | 000,038,400 | ---- | C] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/18 21:50:34 | 000,033,739 | ---- | C] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/06/16 19:50:13 | 000,437,692 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistMSI1840.txt
[2011/06/16 19:50:10 | 000,011,694 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistUI1840.txt
[2010/10/11 23:21:08 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/10/11 22:19:22 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/05/13 21:36:23 | 000,029,184 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/19 10:53:50 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/19 10:52:13 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll

========== LOP Check ==========

[2011/11/05 20:05:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\20D84
[2011/11/05 20:05:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\532BF
[2011/05/15 22:46:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Catalina Marketing Corp
[2010/10/25 23:33:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/10/18 23:17:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ImgBurn
[2011/04/25 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2011/04/09 21:22:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Red Kawa
[2011/10/04 21:41:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smilebox
[2009/06/01 21:09:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2011/11/04 02:47:01 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

KenBrown2, Nov 6, 2011

#6

Broni Malware Annihilator Posts: 39,324 +175

Do this on the computer you are posting from:
Copy the text in the codebox below:

Code:

:OTL
IE - HKU\Owner_ON_C\..\URLSearchHook: {37153479-1976-43c3-a1ee-557513977b64} - Reg Error: Key error. File not found
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56364
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O4 - HKLM..\Run: [0B8.exe] C:\Program Files (x86)\LP\3D92\0B8.exe ()
O4 - HKU\Owner_ON_C..\Run: [WinRAR Update] C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.DLL (Windows (R) 2000 DDK provider)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe) - C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe ()
O36 - AppCertDlls: dvdppubw - (C:\Windows\system32\igxpgman64.dll) - C:\Windows\SysWow64\igxpgman64.dll File not found
O36 - AppCertDlls: Fireeown - (C:\Windows\system32\igxpgman.dll) - C:\Windows\SysWOW64\igxpgman.dll ()
[2011/11/05 14:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\84716
[2011/11/05 14:16:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\20D84
[2011/11/03 19:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BF43E
[2011/11/03 19:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011/11/03 19:13:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\532BF
[1 C:\Users\Owner\Desktop\*.tmp files -> C:\Users\Owner\Desktop\*.tmp -> ]
[2011/11/02 19:50:24 | 000,060,416 | -H-- | M] () -- C:\Windows\System32\igxpgman64.dll
[2011/11/02 19:50:24 | 000,053,248 | -H-- | M] () -- C:\Windows\SysWow64\igxpgman.dll


:Services

:Reg

:Files

:Commands
[purity]

Open Notepad and paste it.
Save the document as Fix.txt on to a USB flash drive

On the infected computer the following...

Run OTLPE

Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
- (The content of Fix.txt should appear in the box)
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the log produced (you'll need to transfer it with USB stick)
Attempt to reboot normally into Windows.

Broni, Nov 6, 2011

#7

KenBrown2 Newcomer, in training Posts: 59

Broni,

I did as directed. However after the fix completed, a dialog box popped up stating: "Click Ok to open the log file." But it never opened. I attempted to look for it, but I cannot find anything. So I decided to restart the machine....But it froze after I hit ok to restart....so I manually shut it down. I tried to run the fix again, and it still does not give me a log file. I searched the computer for a .txt, but nothing comes up since the last OTL.txt file I posted previously.

Ken

Also, the computer did not boot normally into windows...and i had to boot via the OTLPENET.exe disk.

KenBrown2, Nov 6, 2011

#8
Broni Malware Annihilator Posts: 39,324 +175

Post new OTL log.

Broni, Nov 6, 2011

#9
KenBrown2 Newcomer, in training Posts: 59

Newest OTL:

OTL logfile created on: 11/6/2011 10:57:41 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 63.58 Gb Free Space | 44.14% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.80 Gb Free Space | 96.66% Space Free | Partition Type: FAT
Drive E: | 144.04 Gb Total Space | 143.74 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/22 08:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/04/11 02:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Disabled] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2007/10/17 10:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Disabled] -- C:\Windows\System32\drivers\XAudio64.exe -- (XAudioService)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () [Disabled] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/03/18 13:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/04/07 14:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 23:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/06 11:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Disabled] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2009/02/18 13:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 13:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/11/04 02:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/07/20 19:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [Disabled] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/02/12 03:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Disabled] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/10/25 23:28:39 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/10/18 04:15:18 | 007,959,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETwNv64.sys -- (NETwNv64) ___ Intel(R)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/07 14:33:08 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/04/07 14:33:06 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/11/04 02:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 07:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 07:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 07:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/07/28 22:44:20 | 000,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 19:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 03:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 21:29:08 | 007,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 04:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 16:52:44 | 000,126,976 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/06/26 18:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 20:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 03:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 21:10:55 | 000,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 21:10:51 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2008/01/20 21:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 21:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 21:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 21:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:47:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 21:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 21:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 21:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 21:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 21:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 21:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 21:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 21:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 21:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Intel(R)
DRV:64bit: - [2008/01/20 21:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 21:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 21:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 21:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 21:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 21:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 21:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 21:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 21:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 21:46:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 21:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 21:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2007/07/26 05:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 07:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 07:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 07:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 07:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 07:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 07:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 06:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 06:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 06:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 03:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2006/11/02 00:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/09/19 06:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/09/18 16:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 16:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 16:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 16:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2008/06/11 13:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.livingston.org/
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.livingston.org/livingstonps/site/default.asp
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

[2011/05/13 20:07:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/24 18:42:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/07/01 22:02:49 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/10/24 18:42:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2011/06/18 17:07:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {01794EED-D333-4549-BCE6-1F2201793964} - C:\Users\Owner\AppData\Local\TCPIPSys32.dll (Windows (R) 2000 DDK provider)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found.
O2 - BHO: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKU\Owner_ON_C..\Run: [GooglePolicyPolicy] C:\ProgramData\GooglePolicyPolicy.DLL (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [SmileboxTray] C:\Users\Owner\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Owner_ON_C..\Run: [WinRAR Update] C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.DLL File not found
O4 - HKU\Owner_ON_C..\Run: [YahooPartnerToolbar Update] C:\Users\Owner\AppData\Local\Apple\AppleUpdate\Appleupdt32.DLL (Microsoft Corporation)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.16.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe) - C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 22:30:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/06 22:15:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/04 02:29:19 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/01 14:48:29 | 000,510,976 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:08:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2011/10/26 18:52:12 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/23 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FlashDrive_Backup(10-23-11)
[2011/10/15 08:58:13 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaut32.dll
[2011/10/15 08:58:13 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
[2011/10/15 08:58:13 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2011/10/15 08:58:12 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/10/15 08:58:00 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/15 08:58:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/15 08:58:00 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/15 08:58:00 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/15 08:58:00 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/15 08:58:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax

Continued...

KenBrown2, Nov 6, 2011

#10
KenBrown2 Newcomer, in training Posts: 59

...Continued

========== Files - Modified Within 30 Days ==========

[2011/11/05 23:19:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/05 23:01:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 14:14:13 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/04 02:47:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/04 02:37:05 | 000,000,975 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/11/04 02:29:19 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:16 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/11/04 02:29:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/03 20:08:22 | 000,644,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/03 20:08:22 | 000,117,992 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/03 19:57:51 | 000,002,651 | ---- | M] () -- C:\Users\Owner\Desktop\Word.lnk
[2011/11/02 19:50:24 | 000,060,416 | -H-- | M] () -- C:\Windows\System32\igxpgman64.dll
[2011/11/01 14:48:29 | 000,510,976 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:04:34 | 000,038,400 | ---- | M] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/26 18:52:12 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/22 12:39:36 | 000,029,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/22 11:11:34 | 000,033,739 | ---- | M] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/10/16 11:40:52 | 000,305,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/11/04 02:29:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/11/02 19:50:24 | 000,060,416 | -H-- | C] () -- C:\Windows\System32\igxpgman64.dll
[2011/10/26 22:04:33 | 000,038,400 | ---- | C] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/18 21:50:34 | 000,033,739 | ---- | C] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/06/16 19:50:13 | 000,437,692 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistMSI1840.txt
[2011/06/16 19:50:10 | 000,011,694 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistUI1840.txt
[2010/10/11 23:21:08 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/10/11 22:19:22 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/05/13 21:36:23 | 000,029,184 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/19 10:53:50 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/19 10:52:13 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll

========== LOP Check ==========

[2011/05/15 22:46:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Catalina Marketing Corp
[2010/10/25 23:33:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/10/18 23:17:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ImgBurn
[2011/04/25 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2011/04/09 21:22:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Red Kawa
[2011/10/04 21:41:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smilebox
[2009/06/01 21:09:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2011/11/04 02:47:01 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

KenBrown2, Nov 6, 2011

#11

Broni Malware Annihilator Posts: 39,324 +175

Some entries have been successfully removed, but some are still there.

Re-run OTL with this custom script:

Code:

:OTL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O4 - HKU\Owner_ON_C..\Run: [WinRAR Update] C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.DLL File not found
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe) - C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe ()
[2011/11/02 19:50:24 | 000,060,416 | -H-- | M] () -- C:\Windows\System32\igxpgman64.dll


:Services

:Reg

:Files

:Commands
[purity]

Broni, Nov 6, 2011

#12

KenBrown2 Newcomer, in training Posts: 59

Broni,

Below is the new OTL scan log... not sure if it is relevant, but I have received the same error message every time I run the scan (as described in my first OTL log post)

OTL

OTL logfile created on: 11/7/2011 12:23:07 AM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144.04 Gb Total Space | 63.58 Gb Free Space | 44.14% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.80 Gb Free Space | 96.65% Space Free | Partition Type: FAT
Drive E: | 144.04 Gb Total Space | 143.74 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/22 08:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/04/11 02:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 13:18:30 | 000,024,576 | ---- | M] () [Disabled] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 21:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2007/10/17 10:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Disabled] -- C:\Windows\System32\drivers\XAudio64.exe -- (XAudioService)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/17 20:14:22 | 000,460,144 | ---- | M] () [Disabled] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/03/18 13:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/04/07 14:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Disabled] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 23:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/06 11:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Disabled] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2009/02/18 13:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 13:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/11/04 02:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/07/20 19:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [Disabled] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/02/12 03:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Disabled] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/10/26 16:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - File not found [Kernel | On_Demand] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/10/25 23:28:39 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/10/18 04:15:18 | 007,959,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETwNv64.sys -- (NETwNv64) ___ Intel(R)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/07 14:33:08 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/04/07 14:33:06 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2008/11/17 15:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/11/04 02:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 07:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 07:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 07:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/07/28 22:44:20 | 000,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 19:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 03:39:24 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 21:29:08 | 007,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 04:52:38 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 16:52:44 | 000,126,976 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/06/26 18:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 20:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 03:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 21:10:55 | 000,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 21:10:51 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2008/01/20 21:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 21:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 21:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 21:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:47:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 21:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 21:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 21:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 21:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 21:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 21:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 21:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 21:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 21:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 21:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G6032E.sys -- (E1G60) Intel(R)
DRV:64bit: - [2008/01/20 21:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 21:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 21:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 21:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 21:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 21:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 21:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 21:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 21:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 21:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 21:46:52 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 21:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 21:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2008/01/20 21:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2007/07/26 05:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 07:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 07:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 07:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 07:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 07:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 07:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 07:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 06:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 06:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 06:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 03:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2006/11/02 00:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/09/19 06:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/09/18 16:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 16:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 16:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 16:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2008/06/11 13:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]

IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.livingston.org/
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.livingston.org/livingstonps/site/default.asp
IE - HKU\Owner_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = ED 4E 79 01 33 D3 49 45 BC E6 1F 22 01 79 39 64 [binary data]
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Owner_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

[2011/05/13 20:07:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/24 18:42:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/07/01 22:02:49 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/10/24 18:42:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2011/06/18 17:07:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {01794EED-D333-4549-BCE6-1F2201793964} - C:\Users\Owner\AppData\Local\TCPIPSys32.dll (Windows (R) 2000 DDK provider)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found.
O2 - BHO: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\Owner_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Trigger New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)
O4 - HKU\Owner_ON_C..\Run: [GooglePolicyPolicy] C:\ProgramData\GooglePolicyPolicy.DLL (Microsoft Corporation)
O4 - HKU\Owner_ON_C..\Run: [SmileboxTray] C:\Users\Owner\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKU\Owner_ON_C..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Owner_ON_C..\Run: [WinRAR Update] C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.DLL File not found
O4 - HKU\Owner_ON_C..\Run: [YahooPartnerToolbar Update] C:\Users\Owner\AppData\Local\Apple\AppleUpdate\Appleupdt32.DLL (Microsoft Corporation)
O4 - HKLM..\RunOnce: [New Acer AlaunchX] C:\ACER\Preload\Command\AlaunchX\LaunchAlaunchX.exe (Acer Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Owner_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.16.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Owner_ON_C Winlogon: Shell - (C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe) - C:\Users\Owner\AppData\Roaming\20D84\FD93D.exe File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Continued...

KenBrown2, Nov 6, 2011

#13
KenBrown2 Newcomer, in training Posts: 59

...Continued

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 22:30:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/11/06 22:15:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/04 02:29:19 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/01 14:48:29 | 000,510,976 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:08:09 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
[2011/10/26 18:52:12 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/23 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FlashDrive_Backup(10-23-11)
[2011/10/15 08:58:13 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaut32.dll
[2011/10/15 08:58:13 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2011/10/15 08:58:13 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
[2011/10/15 08:58:13 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2011/10/15 08:58:12 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2011/10/15 08:58:12 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/10/15 08:58:00 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/15 08:58:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/15 08:58:00 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/15 08:58:00 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/15 08:58:00 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/15 08:58:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011/10/15 08:58:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax

========== Files - Modified Within 30 Days ==========

[2011/11/05 23:19:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/05 23:01:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 22:14:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/05 14:14:13 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/04 02:47:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/04 02:37:05 | 000,000,975 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/11/04 02:30:03 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/11/04 02:30:03 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/11/04 02:29:19 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2011/11/04 02:29:19 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011/11/04 02:29:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2011/11/04 02:29:18 | 001,791,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2011/11/04 02:29:18 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/11/04 02:29:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/11/04 02:29:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/11/04 02:29:18 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/11/04 02:29:18 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/11/04 02:29:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/11/04 02:29:17 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/11/04 02:29:17 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/11/04 02:29:17 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/11/04 02:29:17 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011/11/04 02:29:17 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011/11/04 02:29:17 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/11/04 02:29:16 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/11/04 02:29:16 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/11/04 02:29:16 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2011/11/04 02:29:16 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/11/04 02:29:16 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/11/04 02:29:16 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/11/04 02:29:16 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/11/04 02:29:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/11/04 02:29:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/11/04 02:29:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:16 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/11/04 02:29:16 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/11/04 02:29:16 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/11/04 02:29:16 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/11/04 02:29:15 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2011/11/04 02:29:14 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2011/11/04 02:29:14 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/11/04 02:29:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/11/04 02:29:14 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/11/04 02:29:14 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/11/04 02:29:14 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/11/04 02:29:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/11/04 02:29:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/11/04 02:29:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/11/04 02:29:13 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/11/04 02:29:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/11/04 02:29:13 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/11/04 02:29:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/11/04 02:29:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2011/11/04 02:29:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011/11/04 02:29:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/11/04 02:29:10 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/11/04 02:29:09 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011/11/04 02:29:09 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011/11/04 02:29:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/11/04 02:29:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/11/04 02:29:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/11/04 02:29:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/11/04 02:29:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/11/04 02:29:09 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/11/04 02:29:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011/11/04 02:29:08 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/11/04 02:29:08 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/11/04 02:29:08 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/11/04 02:29:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/11/04 02:29:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/11/04 02:29:08 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2011/11/04 02:29:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/11/04 02:29:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/11/04 02:29:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/11/04 02:29:08 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/11/04 02:29:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/11/04 02:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/11/04 02:29:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/11/04 02:29:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011/11/04 02:29:06 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/11/04 02:29:06 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/11/04 02:29:06 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/11/04 02:29:06 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/11/04 02:29:06 | 000,403,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/11/04 02:29:06 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/11/04 02:29:06 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/11/04 02:29:06 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/11/04 02:29:06 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/11/04 02:29:06 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011/11/04 02:29:06 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/11/04 02:29:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/11/04 02:29:05 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/11/04 02:29:05 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/11/04 02:29:05 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/11/04 02:29:05 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/11/04 02:29:05 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/11/04 02:29:05 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/11/04 02:29:05 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011/11/04 02:29:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/11/04 02:29:03 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/11/04 02:29:03 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011/11/04 02:29:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/11/03 20:08:22 | 000,644,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/03 20:08:22 | 000,117,992 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/03 19:57:51 | 000,002,651 | ---- | M] () -- C:\Users\Owner\Desktop\Word.lnk
[2011/11/02 19:50:24 | 000,060,416 | -H-- | M] () -- C:\Windows\System32\igxpgman64.dll
[2011/11/01 14:48:29 | 000,510,976 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Users\Owner\AppData\Local\TCPIPSys32.dll
[2011/10/26 22:04:34 | 000,038,400 | ---- | M] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/26 18:52:12 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\AppData\Local\SystemWMP.dll
[2011/10/22 12:39:36 | 000,029,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/22 11:11:34 | 000,033,739 | ---- | M] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/10/16 11:40:52 | 000,305,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/11/04 02:29:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/11/04 02:29:06 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/11/02 19:50:24 | 000,060,416 | -H-- | C] () -- C:\Windows\System32\igxpgman64.dll
[2011/10/26 22:04:33 | 000,038,400 | ---- | C] () -- C:\Users\Owner\Documents\MKTG 342 Questionnaires.doc
[2011/10/18 21:50:34 | 000,033,739 | ---- | C] () -- C:\Users\Owner\Desktop\Halloween Party.docx
[2011/06/16 19:50:13 | 000,437,692 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistMSI1840.txt
[2011/06/16 19:50:10 | 000,011,694 | ---- | C] () -- C:\Users\Owner\AppData\Local\dd_vcredistUI1840.txt
[2010/10/11 23:21:08 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/10/11 22:19:22 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/05/13 21:36:23 | 000,029,184 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/19 10:53:50 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/19 10:52:13 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll

========== LOP Check ==========

[2011/05/15 22:46:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Catalina Marketing Corp
[2010/10/25 23:33:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/10/18 23:17:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ImgBurn
[2011/04/25 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2011/04/09 21:22:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Red Kawa
[2011/10/04 21:41:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Smilebox
[2009/06/01 21:09:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2011/11/04 02:47:01 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

KenBrown2, Nov 6, 2011

#14
Broni Malware Annihilator Posts: 39,324 +175

Did you actually run the fix?

Broni, Nov 7, 2011

#15
KenBrown2 Newcomer, in training Posts: 59

Yes. I ran the fix and found no log....so I ran a scan again and posted it. Then I rebooted the computer (no luck starting into windows). so I booted with the disk again... Do I need to reboot before looking for the log file? (or running the scan again?)

KenBrown2, Nov 7, 2011

#16
Broni Malware Annihilator Posts: 39,324 +175

If you have Vista/7 DVD...

start with step 2

If you don't have Vista/7 DVD...

1. Create Vista/7 Recovery Disc.

Option 1 :
Vista: http://www.vistax64.com/tutorials/141820-create-recovery-disc.html (Option Two)
Windows 7: http://www.guidingtech.com/3816/system-repair-recovery-disc-windows-7/

Option 2:
Download Vista Recovery Disc iso image: http://digiex.net/downloads/downloa...6-windows-vista-32-bit-x86-recovery-disc.html
Download Windows 7 Recovery Disc iso image: http://digiex.net/downloads/downloa.../2659-windows-7-32-bit-x86-recovery-disc.html
Burn it to DVD: http://neosmart.net/wiki/display/G/Burning ISO Images to a CD or DVD

2. Boot from created disk. You may need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)

Vista users. At first screen click on Repair your computer:

Windows 7 users. At first screen click on Install now:

Select your language and click next:

Click the button for "Use recovery tools":

The following applies to both, Vista and Windows 7 users.

This will bring you to a new screen where the repair process will look for all Windows Vista/7 installations on your computer. When done you will be presented with the System Recovery Options dialog box:

After this, it will present you with a list of options including startup repair, system restore and command prompt:

Select Command Prompt

Type in:
bootrec /fixmbr (<--- there is a "space" after "bootrec")
and then press Enter

Once completed then type Exit, press Enter and restart computer.

See if you can boot normally now.

Broni, Nov 7, 2011

#17
KenBrown2 Newcomer, in training Posts: 59

Yes! I am able to get into windows normally. Although an error came up when my desktop came up

Title: "RunDLL"
Message: "Error Loading C:\Users\Owner\AppData\Local\Conduit\ConduitUpdate\Conduitup.dll

The specified module could not be found."

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Update 1:
Also, I went away from my computer for about 50 minutes and I came back and a File Download had popped up. It states:

"Name: weirdvideos-173268-08-16-2009.mp4
Type: MPEG-4 Movie
From: media.podshow.com"

My options are to open, save, or cancel.
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Finally, there is a pop-up at the bottom of my screen stating this:

"Check you computer security
There are multiple security problems with your computer"

This hasn't popped up in the past, but we hadn't changed any security settings to cause it to pop up. Not sure if this is a real warning or a fake one.

Thanks again for all of your help. I will wait until you give direction before I do anything.

Ken
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Update 2:

Now the first message has disappeared, but I have two different messages.

1 - Windows host process (Rundll32) has stopped working
2 - What appears to be an email to craigslist.org about a single family house in bridgewater, nj

-Ken

KenBrown2, Nov 7, 2011

#18
Broni Malware Annihilator Posts: 39,324 +175

The most important thing is you can boot.
Now we'll try to sort things out....

Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Broni, Nov 7, 2011

#19
KenBrown2 Newcomer, in training Posts: 59

Malwarebytes

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8111

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

11/7/2011 10:43:35 PM
mbam-log-2011-11-07 (22-43-35).txt

Scan type: Quick scan
Objects scanned: 187260
Time elapsed: 8 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GooglePolicyPolicy (Trojan.SHarpro.PGen) -> Value: GooglePolicyPolicy -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YahooPartnerToolbar Update (Trojan.SHarpro.PGen) -> Value: YahooPartnerToolbar Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinRAR Update (Trojan.SHarpro.PGen) -> Value: WinRAR Update -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Local\temp\thpm2538701745674011528.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Local\temp\thpm2833137803045707695.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Local\temp\thpm3698677889801561757.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Local\temp\thpm3778840307662886181.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Local\temp\thpm6598688767644920225.tmp (Exploit.Drop.3) -> Quarantined and deleted successfully.

GMER

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-07 23:50:30
Windows 6.0.6002 Service Pack 2
Running: x16w8n6q.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe2f66c76
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1F 0x91 0x01 0xD2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x79 0x58 0xD9 0xA8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x3C 0x31 0x1F 0x15 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001fe2f66c76 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x1F 0x91 0x01 0xD2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x79 0x58 0xD9 0xA8 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x3C 0x31 0x1F 0x15 ...

---- EOF - GMER 1.0.15 ----

DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by Owner at 23:50:42 on 2011-11-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3960.2644 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Acer\Preload\Command\AlaunchX\AlaunchX.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Owner\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.livingston.org/
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=mc7801u
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {37153479-1976-43c3-a1ee-557513977b64} - No File
BHO: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
TB: {37153479-1976-43c3-a1ee-557513977b64} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{7febefe3-6b19-4349-98d2-ffb09d4b49ca}
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [SmileboxTray] "C:\Users\Owner\AppData\Roaming\Smilebox\SmileboxTray.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.16.0.cab
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
TCP: Interfaces\{7C7D86A6-5962-483F-89BB-ED5F19941C31} : DhcpNameServer = 167.206.245.130 167.206.245.129
TCP: Interfaces\{9AC1704F-5238-42FA-AC76-6A1EF6B6BD72} : DhcpNameServer = 167.206.245.130 167.206.245.129
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {37153479-1976-43c3-a1ee-557513977b64} - No File
BHO-X64: Coupons.com - No File
BHO-X64: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
BHO-X64: ooVoo Toolbar - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: ooVoo Toolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files (x86)\oovootoolbar\oovootoolbarX.dll
TB-X64: {37153479-1976-43c3-a1ee-557513977b64} - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRunOnce-x64: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\c8nzy25t.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.oovoostart.com/s/?src=FF-Address&site=Bing&cfg=2-201-0-0&engine_id=1&provider_id=1&product_id=201&country=US&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 56364
FF - prefs.js: network.proxy.type - 1
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\c8nzy25t.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}\components\dtTransparency.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\c8nzy25t.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}\components\dtTransparency3.5.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\c8nzy25t.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}\components\dtTransparency3.6.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: ooVooToolbar: {59c6f12b-f004-43e5-9997-08f2123119b6} - %profile%\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-7 44768]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2008-1-20 21504]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 NETwNv64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETwNv64.sys --> C:\Windows\system32\DRIVERS\NETwNv64.sys [?]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys --> C:\Windows\system32\DRIVERS\o2mdx64.sys [?]
R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys --> C:\Windows\system32\DRIVERS\o2sdx64.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-4 135664]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-4 135664]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2010-7-29 20376]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-19 89920]
S4 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-10-4 24576]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-11-08 01:11:46 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-08 01:07:02 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-08 01:06:44 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-07 03:15:05 -------- d-----w- C:\_OTL
2011-11-01 14:11:58 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7788402-BA3B-41B8-958A-358F0A2B4869}\mpengine.dll
2011-10-26 01:59:57 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2011-10-26 01:59:57 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
.
==================== Find3M ====================
.
2011-09-06 13:56:50 2764288 ----a-w- C:\Windows\System32\win32k.sys
2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-25 16:20:38 735744 ----a-w- C:\Windows\System32\UIAutomationCore.dll
2011-08-25 16:19:32 847360 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-25 16:19:32 332288 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-25 16:15:04 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll
2011-08-25 16:14:01 563712 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-25 16:14:01 238080 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-25 13:54:14 4096 ----a-w- C:\Windows\System32\oleaccrc.dll
2011-08-25 13:31:01 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll
.
============= FINISH: 23:51:59.70 ===============

Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/4/2008 4:20:18 AM
System Uptime: 11/7/2011 10:45:35 PM (1 hours ago)
.
Motherboard: Gateway | |
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | uFCPGA2 | 800/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 144 GiB total, 63.11 GiB free.
D: is FIXED (NTFS) - 144 GiB total, 143.735 GiB free.
E: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: HP Photosmart C6300
Device ID: ROOT\IMAGE\0000
Manufacturer: Hewlett-Packard
Name: HP Photosmart C6300
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Deskjet F4500 series
Device ID: ROOT\IMAGE\0001
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\IMAGE\0001
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C6300 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C6300 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Deskjet F4500 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Deskjet F4500 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
3ivx MPEG-4 5.0.3 (remove only)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Apple Application Support
Apple Software Update
avast! Free Antivirus
AviSynth 2.5
BufferChm
C6300
C6300_Help
Camera Assistant Software for Gateway
Cards_Calendar_OrderGift_DoMorePlugout
Cisco Network Magic
Compatibility Pack for the 2007 Office system
Copy
Coupon Printer for Windows
Coupons.com Toolbar
CustomerResearchQFolder
CyberLink LabelPrint
CyberLink Power2Go
Destinations
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_06_F4500_SW_MIN
DocProc
DocProcQFolder
DriverBoost
ESET Online Scanner v3
eSupportQFolder
F4500
FlipShare
Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
Gateway Games
Gateway Recovery Management
GearDrvs
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photo Creations
HP Photosmart Essential 2.5
HP Update
HPPhotoGadget
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ImgBurn
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 5
Java(TM) 6 Update 7
K-Lite Codec Pack 6.4.0 (Basic)
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Marvell Miniport Driver
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster
Napster Burn Engine
Network Magic
ooVoo
ooVoo Toolbar
PanoStandAlone
PS_AIO_04_C6300_ProductContext
PS_AIO_04_C6300_Software
PS_AIO_04_C6300_Software_Min
PSSWCORE
Pure Networks Platform
QuickTime
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SmartWebPrinting
Smilebox
SolutionCenter
Status
System Requirements Lab for Intel
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01
VLC media player 0.9.2
WebEx Support Manager for Internet Explorer
WebReg
Wii Video 9 6
Windows Live Messenger
WinRAR archiver
WinZip 14.5
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/7/2011 2:17:17 AM, Error: EventLog [6008] - The previous system shutdown at 12:19:30 AM on 11/6/2011 was unexpected.
11/7/2011 10:47:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
11/5/2011 3:20:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/5/2011 3:20:29 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/5/2011 3:20:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/4/2011 2:01:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
11/4/2011 2:01:20 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/4/2011 2:01:19 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
11/3/2011 8:14:11 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.108 for the Network Card with network address 00215D40C41C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
11/3/2011 12:03:24 AM, Error: Service Control Manager [7034] - The HP Network Devices Support service terminated unexpectedly. It has done this 1 time(s).
11/2/2011 12:54:42 PM, Error: EventLog [6008] - The previous system shutdown at 12:48:22 PM on 11/2/2011 was unexpected.
11/2/2011 10:36:53 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer KEN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9AC1704F-5238-42FA-AC76-6A1EF6B6BD72}. The master browser is stopping or an election is being forced.
11/2/2011 10:36:50 PM, Error: netbt [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
11/1/2011 8:01:47 PM, Error: EventLog [6008] - The previous system shutdown at 3:50:28 PM on 11/1/2011 was unexpected.
11/1/2011 10:03:37 AM, Error: EventLog [6008] - The previous system shutdown at 6:57:02 AM on 10/27/2011 was unexpected.
.
==== End Of File ===========================

KenBrown2, Nov 8, 2011

#20

Page 1 of 2

Add New Comment

	Social Login & Guest Posting			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.