Solved AVG detected adware.generic and system restore doesn't get rid of it

Well, you have to enter BIOS then and dig around. "Boot order" MUST be there somewhere.
 
The log after everything was done off CD

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv7 Notebook PC
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 198):
0x02A4E000 \SystemRoot\system32\ntoskrnl.exe
0x02A05000 \SystemRoot\system32\hal.dll
0x00BAF000 \SystemRoot\system32\kdcom.dll
0x00CAB000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CB8000 \SystemRoot\system32\PSHED.dll
0x00CCC000 \SystemRoot\system32\CLFS.SYS
0x00D2A000 \SystemRoot\system32\CI.dll
0x00C00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00DEA000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E23000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00E7A000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00E83000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00E8D000 \SystemRoot\system32\DRIVERS\pci.sys
0x00EC0000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00ECD000 \SystemRoot\System32\drivers\partmgr.sys
0x00EE2000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00EEB000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00EF7000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00F0C000 \SystemRoot\System32\drivers\volmgrx.sys
0x00F68000 \SystemRoot\System32\drivers\mountmgr.sys
0x00F82000 \SystemRoot\system32\DRIVERS\atapi.sys
0x00F8B000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x00FB5000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00FC0000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x00FD0000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x010F7000 \SystemRoot\system32\drivers\fltmgr.sys
0x01143000 \SystemRoot\system32\drivers\fileinfo.sys
0x01211000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01157000 \SystemRoot\System32\Drivers\msrpc.sys
0x013B3000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01000000 \SystemRoot\System32\Drivers\cng.sys
0x013CD000 \SystemRoot\System32\drivers\pcw.sys
0x013DE000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0141C000 \SystemRoot\system32\drivers\ndis.sys
0x0150E000 \SystemRoot\system32\drivers\NETIO.SYS
0x0156E000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01600000 \SystemRoot\System32\drivers\tcpip.sys
0x01599000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01073000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x015E3000 \SystemRoot\System32\Drivers\spldr.sys
0x011B5000 \SystemRoot\System32\drivers\rdyboost.sys
0x015EB000 \SystemRoot\System32\Drivers\mup.sys
0x01400000 \SystemRoot\system32\DRIVERS\klbg.sys
0x0140E000 \SystemRoot\System32\drivers\hwpolicy.sys
0x013E8000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x018E1000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0191B000 \SystemRoot\system32\DRIVERS\disk.sys
0x01931000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x01961000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x019A1000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x01800000 \SystemRoot\system32\DRIVERS\klif.sys
0x0185D000 \SystemRoot\System32\Drivers\Null.SYS
0x01866000 \SystemRoot\System32\Drivers\Beep.SYS
0x0186D000 \SystemRoot\System32\drivers\vga.sys
0x0187B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x018A0000 \SystemRoot\System32\drivers\watchdog.sys
0x018B0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x018B9000 \SystemRoot\system32\drivers\rdpencdd.sys
0x018C2000 \SystemRoot\system32\drivers\rdprefmp.sys
0x018CB000 \SystemRoot\System32\Drivers\Msfs.SYS
0x019CB000 \SystemRoot\System32\Drivers\Npfs.SYS
0x019DC000 \SystemRoot\system32\DRIVERS\tdx.sys
0x013F2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03E2E000 \SystemRoot\system32\DRIVERS\kl1.sys
0x04357000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02C5F000 \SystemRoot\system32\drivers\afd.sys
0x02CE9000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02CF2000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02D18000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02D2E000 \SystemRoot\system32\DRIVERS\klim6.sys
0x02D38000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02D47000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02D62000 \SystemRoot\system32\DRIVERS\termdd.sys
0x02D76000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x02DC7000 \SystemRoot\system32\drivers\nsiproxy.sys
0x02DD3000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x02DDE000 \SystemRoot\System32\drivers\discache.sys
0x02C00000 \SystemRoot\System32\Drivers\dfsc.sys
0x02C1E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x02C2F000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0439C000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x043B1000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x048C7000 \SystemRoot\system32\DRIVERS\atipmdag.sys
0x0369D000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03791000 \SystemRoot\System32\drivers\dxgmms1.sys
0x037D7000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x05043000 \SystemRoot\system32\DRIVERS\athrx.sys
0x0528D000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x052E6000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x052F1000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x05347000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x05354000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x05365000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x05383000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x05392000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x053E5000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x053E7000 \SystemRoot\system32\DRIVERS\klmouflt.sys
0x053F1000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x05000000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x0500C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x05011000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x0501A000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x0502A000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x03600000 \SystemRoot\system32\DRIVERS\ks.sys
0x05031000 \SystemRoot\system32\drivers\ksthunk.sys
0x03643000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x03659000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x05037000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04F36000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x0367D000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04F65000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04F86000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x03698000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04FA0000 \SystemRoot\system32\DRIVERS\circlass.sys
0x04FB2000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04800000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x0485A000 \SystemRoot\System32\Drivers\fastfat.SYS
0x04890000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x04FC4000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x064B4000 \SystemRoot\system32\drivers\portcls.sys
0x064F1000 \SystemRoot\system32\drivers\drmk.sys
0x06513000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x06595000 \SystemRoot\System32\drivers\Dxapi.sys
0x065A1000 \SystemRoot\system32\DRIVERS\WinUSB.sys
0x065B2000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x065CF000 \SystemRoot\System32\Drivers\usbvideo.sys
0x06400000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0640E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x06427000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x06430000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x0643D000 \SystemRoot\system32\DRIVERS\monitor.sys
0x0644B000 \SystemRoot\System32\Drivers\crashdmp.sys
0x06459000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x06465000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x06470000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00470000 \SystemRoot\System32\TSDDD.dll
0x00730000 \SystemRoot\System32\cdd.dll
0x00960000 \SystemRoot\System32\ATMFD.DLL
0x06483000 \SystemRoot\system32\drivers\luafv.sys
0x0529A000 \SystemRoot\system32\drivers\WudfPf.sys
0x052BB000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x028EA000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x0293D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02950000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02800000 \SystemRoot\system32\drivers\HTTP.sys
0x028C8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02968000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02980000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x029AD000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x03E00000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0543A000 \??\C:\Windows\system32\Drivers\rikvm_C6F09094.sys
0x070C4000 \SystemRoot\system32\drivers\peauth.sys
0x0716A000 \SystemRoot\System32\Drivers\secdrv.SYS
0x07175000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x071A2000 \SystemRoot\System32\drivers\tcpipreg.sys
0x07000000 \SystemRoot\System32\DRIVERS\srv2.sys
0x074E9000 \SystemRoot\System32\DRIVERS\srv.sys
0x774F0000 \Windows\System32\ntdll.dll
0x482F0000 \Windows\System32\smss.exe
0xFF810000 \Windows\System32\apisetschema.dll
0xFF890000 \Windows\System32\autochk.exe
0xFF7D0000 \Windows\System32\imm32.dll
0xFF6A0000 \Windows\System32\wininet.dll
0xFF600000 \Windows\System32\msvcrt.dll
0xFE870000 \Windows\System32\shell32.dll
0xFE820000 \Windows\System32\ws2_32.dll
0xFE800000 \Windows\System32\sechost.dll
0xFE5A0000 \Windows\System32\iertutil.dll
0xFE490000 \Windows\System32\msctf.dll
0xFE480000 \Windows\System32\lpk.dll
0xFE460000 \Windows\System32\imagehlp.dll
0xFE410000 \Windows\System32\Wldap32.dll
0xFE290000 \Windows\System32\urlmon.dll
0xFE1F0000 \Windows\System32\clbcatq.dll
0xFE120000 \Windows\System32\usp10.dll
0x776C0000 \Windows\System32\normaliz.dll
0xFDF40000 \Windows\System32\setupapi.dll
0x773F0000 \Windows\System32\user32.dll
0xFDE60000 \Windows\System32\advapi32.dll
0xFDDE0000 \Windows\System32\difxapi.dll
0xFDBD0000 \Windows\System32\ole32.dll
0xFDB60000 \Windows\System32\gdi32.dll
0xFDA30000 \Windows\System32\rpcrt4.dll
0xFD9B0000 \Windows\System32\shlwapi.dll
0xFD910000 \Windows\System32\comdlg32.dll
0xFD900000 \Windows\System32\nsi.dll
0x772D0000 \Windows\System32\kernel32.dll
0x776B0000 \Windows\System32\psapi.dll
0xFD820000 \Windows\System32\oleaut32.dll
0xFD7B0000 \Windows\System32\KernelBase.dll
0xFD710000 \Windows\System32\comctl32.dll
0xFD6D0000 \Windows\System32\wintrust.dll
0xFD560000 \Windows\System32\crypt32.dll
0xFD540000 \Windows\System32\devobj.dll
0xFD500000 \Windows\System32\cfgmgr32.dll
0xFD4F0000 \Windows\System32\msasn1.dll
0x776A0000 \Windows\SysWOW64\normaliz.dll

Processes (total 69):
0 System Idle Process
4 System
332 C:\Windows\System32\smss.exe
432 csrss.exe
500 C:\Windows\System32\wininit.exe
532 csrss.exe
564 C:\Windows\System32\services.exe
580 C:\Windows\System32\lsass.exe
588 C:\Windows\System32\lsm.exe
664 C:\Windows\System32\winlogon.exe
740 C:\Windows\System32\svchost.exe
820 C:\Windows\System32\svchost.exe
884 C:\Windows\System32\atiesrxx.exe
944 C:\Windows\System32\svchost.exe
980 C:\Windows\System32\svchost.exe
1008 C:\Windows\System32\svchost.exe
360 C:\Program Files\IDT\WDM\stacsv64.exe
400 C:\Windows\System32\audiodg.exe
1108 C:\Windows\System32\svchost.exe
1160 C:\Windows\System32\hpservice.exe
1204 C:\Windows\System32\vcsFPService.exe
1268 C:\Windows\System32\svchost.exe
1360 C:\Windows\System32\wlanext.exe
1368 C:\Windows\System32\conhost.exe
1456 C:\Windows\System32\spoolsv.exe
1484 C:\Program Files\DigitalPersona\Bin\DpHostW.exe
1624 C:\Windows\System32\atieclxx.exe
1688 C:\Windows\System32\svchost.exe
1824 C:\Windows\System32\svchost.exe
1900 C:\Program Files\IDT\WDM\AESTSr64.exe
1928 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
1964 C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
1252 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
1800 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
1096 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2116 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2192 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
2236 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2440 C:\Windows\System32\taskhost.exe
2524 C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
2532 C:\Windows\System32\taskeng.exe
2556 C:\Windows\System32\dwm.exe
2608 C:\Windows\explorer.exe
2844 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2856 C:\Program Files\IDT\WDM\sttray64.exe
2864 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2916 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
2960 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
1548 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2808 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
2392 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
2484 WmiPrvSE.exe
3068 C:\Program Files\DigitalPersona\Bin\DpAgent.exe
2776 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3088 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
3712 C:\Windows\System32\taskeng.exe
3740 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3820 C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
4016 C:\Windows\System32\SearchIndexer.exe
3316 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
3336 C:\Windows\System32\svchost.exe
196 C:\Windows\System32\svchost.exe
1064 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1580 C:\Program Files\Windows Media Player\wmpnetwk.exe
4344 C:\Windows\System32\SearchProtocolHost.exe
4392 C:\Windows\System32\SearchFilterHost.exe
4752 C:\Users\Dusty\Downloads\MBRCheck.exe
4760 C:\Windows\System32\conhost.exe
4824 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000008f`f1c00000 (NTFS)

PhysicalDrive0 Model Number: ST9640320AS, Rev: 0001HPM1

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
 
Good job :)

Download OTL to your Desktop.

  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL logfile created on: 12/7/2010 11:44:53 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Dusty\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 575.58 Gb Total Space | 514.25 Gb Free Space | 89.34% Space Free | Partition Type: NTFS
Drive D: | 20.29 Gb Total Space | 2.95 Gb Free Space | 14.54% Space Free | Partition Type: NTFS

Computer Name: DUSTY-HP | User Name: Dusty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
PRC - [2010/11/30 17:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2010/10/09 19:12:28 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
PRC - [2010/07/23 11:56:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/29 20:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/29 19:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/24 23:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/06/12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/23 19:42:36 | 000,625,416 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (SafeList) ==========

MOD - [2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
MOD - [2010/08/20 23:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/18 17:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/09 03:06:18 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/04/23 19:42:40 | 000,445,192 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010/04/16 08:09:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/23 08:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2010/10/09 19:12:28 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2010/07/23 11:56:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/29 21:51:12 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)
SRV - [2010/06/29 20:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/06/12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/03 17:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/23 08:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/09 19:12:28 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/09/26 20:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/09/02 22:59:42 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/09/02 22:59:42 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/24 23:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/09 03:06:18 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/27 17:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 07:21:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/16 08:19:34 | 006,403,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/16 07:11:18 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/08 23:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/12/22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/11/27 19:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/14 22:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009/10/02 20:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/14 15:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/09/01 16:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/08/23 19:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4375
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/12/04 22:31:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/04 22:35:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/06 10:12:05 | 000,000,000 | ---D | M]

[2010/11/02 03:05:28 | 000,000,000 | ---D | M] -- C:\Users\Dusty\AppData\Roaming\Mozilla\Extensions
[2010/12/04 16:27:15 | 000,000,000 | ---D | M] -- C:\Users\Dusty\AppData\Roaming\Mozilla\Firefox\Profiles\onq50cen.default\extensions
[2010/12/04 22:35:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dusty\AppData\Roaming\Mozilla\Firefox\Profiles\onq50cen.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avp] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/12/07 23:37:15 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/07 21:31:42 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\NTBR_CD
[2010/12/07 16:10:19 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Diagnostics
[2010/12/07 14:15:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/07 13:43:49 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Malwarebytes
[2010/12/07 13:43:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/07 13:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/07 13:43:23 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/07 13:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/12/07 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards_files
[2010/12/07 05:34:43 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 00:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/12/07 00:14:05 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Yahoo!
[2010/12/06 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG
[2010/12/06 21:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/12/06 17:43:47 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2010/12/06 17:43:47 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010/12/06 00:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/12/05 22:09:12 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/12/05 22:05:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/12/05 22:05:07 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/12/05 22:05:06 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/12/05 22:05:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/12/05 21:53:02 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010/12/05 21:53:02 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010/12/05 21:53:01 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010/12/05 21:53:01 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010/12/05 21:53:01 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010/12/05 21:53:00 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010/12/05 21:53:00 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010/12/05 21:48:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG10
[2010/12/04 18:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/12/04 16:26:02 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Apps
[2010/12/04 03:49:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/12/04 03:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/12/04 03:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/12/04 03:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/12/04 02:14:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/12/02 15:29:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Camfrog
[2010/12/02 15:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Camfrog
[2010/11/27 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kalypso
[2010/11/27 11:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/11/27 11:20:43 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Windows Live
[2010/11/23 13:00:53 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Turbine
[2010/11/23 12:52:19 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\ApplicationHistory
[2010/11/23 12:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2010/11/23 08:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/11/23 07:55:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\LOTRO Standard Res Install Files
[2010/11/23 07:55:24 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\PMB Files
[2010/11/23 07:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/11/23 07:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010/11/21 22:10:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Yahoo
[2010/11/21 22:09:15 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Yahoo!
[2010/11/21 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/11/21 22:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010/11/20 20:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2010/11/16 09:55:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Adobe
[2010/11/15 17:33:43 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\HP MediaSmart Video
[2010/11/10 20:36:12 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\skypePM
[2010/11/10 20:35:02 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Google
[2010/11/10 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/11/10 20:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/11/10 20:34:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/11/10 20:34:14 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Skype
[2010/11/10 20:31:45 | 000,955,272 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe

========== Files - Modified Within 30 Days ==========

[2010/12/07 23:50:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/07 23:27:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/07 23:27:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/07 23:24:57 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/07 23:24:57 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/07 23:24:57 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/07 23:19:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/07 23:18:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/07 21:28:14 | 002,565,432 | ---- | M] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 19:52:28 | 000,150,083 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/12/07 19:52:28 | 000,107,075 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/12/07 13:43:27 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/07 13:24:21 | 000,092,534 | ---- | M] () -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards.htm
[2010/12/07 05:35:13 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 00:13:38 | 000,001,165 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/12/07 00:13:38 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/12/06 22:38:33 | 000,001,181 | ---- | M] () -- C:\Users\Dusty\Desktop\AVG PC Tuneup 2011.lnk
[2010/12/06 22:00:22 | 001,236,032 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/12/06 21:53:50 | 000,507,360 | ---- | M] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/12/06 10:12:06 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/12/05 23:44:17 | 000,002,211 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 5.5.lnk
[2010/12/05 23:44:17 | 000,002,187 | ---- | M] () -- C:\Users\Dusty\Desktop\Camfrog Video Chat 5.5.lnk
[2010/12/05 21:32:11 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/12/02 17:30:58 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000016CD.LCS
[2010/11/29 18:56:52 | 000,012,694 | ---- | M] () -- C:\Users\Dusty\Desktop\albertsons restart code.docx
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/23 13:00:55 | 000,000,093 | ---- | M] () -- C:\Users\Dusty\AppData\Local\fusioncache.dat
[2010/11/23 06:38:07 | 000,014,273 | ---- | M] () -- C:\Users\Dusty\Desktop\Alone Against the World.docx
[2010/11/16 09:59:39 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDusty.job
[2010/11/15 22:24:20 | 000,085,575 | ---- | M] () -- C:\Users\Dusty\Desktop\Video call snapshot 3.png
[2010/11/15 19:05:46 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/11/14 22:26:42 | 000,265,645 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_0120.jpg
[2010/11/14 22:26:37 | 000,264,539 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_4970.jpg
[2010/11/14 21:50:57 | 000,137,240 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_7880.jpg
[2010/11/14 21:49:42 | 000,130,875 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_6911.jpg
[2010/11/10 20:41:59 | 000,002,243 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/10 20:36:12 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/11/10 20:32:00 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe
[2010/11/09 16:06:26 | 000,000,162 | -H-- | M] () -- C:\Users\Dusty\Desktop\~$sume Mar09b.doc

========== Files Created - No Company Name ==========

[2010/12/07 21:27:53 | 002,565,432 | ---- | C] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 13:43:27 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/07 13:24:18 | 000,092,534 | ---- | C] () -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards.htm
[2010/12/07 00:13:38 | 000,001,165 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/12/07 00:13:38 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/12/06 22:38:33 | 000,001,181 | ---- | C] () -- C:\Users\Dusty\Desktop\AVG PC Tuneup 2011.lnk
[2010/12/06 22:00:01 | 001,236,032 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/12/06 21:54:10 | 000,507,360 | ---- | C] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/12/05 23:44:17 | 000,002,211 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 5.5.lnk
[2010/12/05 23:44:17 | 000,002,187 | ---- | C] () -- C:\Users\Dusty\Desktop\Camfrog Video Chat 5.5.lnk
[2010/11/29 18:18:37 | 000,012,694 | ---- | C] () -- C:\Users\Dusty\Desktop\albertsons restart code.docx
[2010/11/29 18:01:19 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\000016CD.LCS
[2010/11/23 13:00:55 | 000,000,093 | ---- | C] () -- C:\Users\Dusty\AppData\Local\fusioncache.dat
[2010/11/17 04:32:43 | 000,014,273 | ---- | C] () -- C:\Users\Dusty\Desktop\Alone Against the World.docx
[2010/11/16 11:26:39 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/15 22:23:52 | 000,085,575 | ---- | C] () -- C:\Users\Dusty\Desktop\Video call snapshot 3.png
[2010/11/15 18:32:42 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForDusty.job
[2010/11/14 20:25:24 | 000,265,645 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_0120.jpg
[2010/11/14 20:25:22 | 000,264,539 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_4970.jpg
[2010/11/14 19:38:58 | 000,130,875 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_6911.jpg
[2010/11/14 19:38:02 | 000,137,240 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_7880.jpg
[2010/11/10 20:41:59 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/11/10 20:41:59 | 000,002,243 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/10 20:36:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/10 20:35:10 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/10 20:35:09 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/10 20:34:16 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/11/09 16:06:26 | 000,000,162 | -H-- | C] () -- C:\Users\Dusty\Desktop\~$sume Mar09b.doc
[2010/09/14 03:25:30 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/09/14 03:25:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/09/14 03:25:08 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/09/14 03:24:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/09/14 03:24:05 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/09/14 02:56:26 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/09/14 02:56:26 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/09/03 01:34:57 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/09/03 00:34:18 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini
[2010/09/03 00:23:26 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/09/03 00:19:28 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/09/03 00:18:26 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/09/03 00:17:55 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/02/09 19:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========


< >

< * >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- \bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () --
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () --
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- \setup.log

< %SYSTEMDRIVE%\*.* >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () -- C:\pagefile.sys
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2009/07/13 23:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 23:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 23:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 23:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 14:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 22:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/11/01 19:04:29 | 000,000,221 | -HS- | M] () -- C:\Users\Dusty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/11/02 03:04:45 | 008,567,280 | ---- | M] (Mozilla) -- C:\Users\Dusty\Desktop\Firefox Setup 3.6.12.exe
[2010/12/07 05:35:13 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 21:28:14 | 002,565,432 | ---- | M] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/06 21:53:50 | 000,507,360 | ---- | M] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/11/10 20:32:00 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 15:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/11/01 18:14:53 | 000,000,402 | -HS- | M] () -- C:\Users\Dusty\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/09/14 03:25:23 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/09/03 00:23:46 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/09/14 03:24:47 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/09/03 00:19:20 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/09/14 03:24:05 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/09/14 03:25:08 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/09/03 00:18:19 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/09/03 00:23:20 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/09/14 03:25:40 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


< * >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- \bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () --
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () --
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- \setup.log

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
 
OTL.txt from Run Scan, not Quick Scan

OTL logfile created on: 12/7/2010 11:44:53 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Dusty\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 575.58 Gb Total Space | 514.25 Gb Free Space | 89.34% Space Free | Partition Type: NTFS
Drive D: | 20.29 Gb Total Space | 2.95 Gb Free Space | 14.54% Space Free | Partition Type: NTFS

Computer Name: DUSTY-HP | User Name: Dusty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
PRC - [2010/11/30 17:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2010/10/09 19:12:28 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
PRC - [2010/07/23 11:56:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/29 20:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/29 19:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/24 23:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/06/12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/23 19:42:36 | 000,625,416 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (SafeList) ==========

MOD - [2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
MOD - [2010/08/20 23:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/18 17:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/09 03:06:18 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/04/23 19:42:40 | 000,445,192 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010/04/16 08:09:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/23 08:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2010/10/09 19:12:28 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2010/07/23 11:56:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/29 21:51:12 | 000,245,232 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe -- (CLKMSVC10_C6F09094)
SRV - [2010/06/29 20:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/06/12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/03 17:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/23 08:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/09 19:12:28 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010/09/26 20:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/09/02 22:59:42 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/09/02 22:59:42 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/24 23:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/09 03:06:18 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/27 17:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 07:21:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/16 08:19:34 | 006,403,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/16 07:11:18 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/08 23:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/12/22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/11/27 19:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/14 22:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009/10/02 20:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/14 15:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/09/01 16:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/08/23 19:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 14:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4375
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/12/04 22:31:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/04 22:35:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/06 10:12:05 | 000,000,000 | ---D | M]

[2010/11/02 03:05:28 | 000,000,000 | ---D | M] -- C:\Users\Dusty\AppData\Roaming\Mozilla\Extensions
[2010/12/04 16:27:15 | 000,000,000 | ---D | M] -- C:\Users\Dusty\AppData\Roaming\Mozilla\Firefox\Profiles\onq50cen.default\extensions
[2010/12/04 22:35:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dusty\AppData\Roaming\Mozilla\Firefox\Profiles\onq50cen.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/12/04 22:31:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avp] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - c:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/12/07 23:37:15 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/07 21:31:42 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\NTBR_CD
[2010/12/07 16:10:19 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Diagnostics
[2010/12/07 14:15:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/07 13:43:49 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Malwarebytes
[2010/12/07 13:43:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/07 13:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/07 13:43:23 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/07 13:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/12/07 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards_files
[2010/12/07 05:34:43 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 00:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/12/07 00:14:05 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Yahoo!
[2010/12/06 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG
[2010/12/06 21:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/12/06 17:43:47 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2010/12/06 17:43:47 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2010/12/06 00:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/12/05 22:09:12 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/12/05 22:05:07 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/12/05 22:05:07 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/12/05 22:05:06 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/12/05 22:05:06 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/12/05 21:53:02 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010/12/05 21:53:02 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010/12/05 21:53:01 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010/12/05 21:53:01 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010/12/05 21:53:01 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010/12/05 21:53:00 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010/12/05 21:53:00 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010/12/05 21:48:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG10
[2010/12/04 18:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/12/04 16:26:02 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Apps
[2010/12/04 03:49:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/12/04 03:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/12/04 03:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/12/04 03:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/12/04 02:14:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/12/02 15:29:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Camfrog
[2010/12/02 15:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Camfrog
[2010/11/27 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kalypso
[2010/11/27 11:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/11/27 11:20:43 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Windows Live
[2010/11/23 13:00:53 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Turbine
[2010/11/23 12:52:19 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\ApplicationHistory
[2010/11/23 12:22:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2010/11/23 08:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/11/23 07:55:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\Desktop\LOTRO Standard Res Install Files
[2010/11/23 07:55:24 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\PMB Files
[2010/11/23 07:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/11/23 07:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010/11/21 22:10:45 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Yahoo
[2010/11/21 22:09:15 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Yahoo!
[2010/11/21 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/11/21 22:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2010/11/20 20:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2010/11/16 09:55:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Adobe
[2010/11/15 17:33:43 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\HP MediaSmart Video
[2010/11/10 20:36:12 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\skypePM
[2010/11/10 20:35:02 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Local\Google
[2010/11/10 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/11/10 20:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/11/10 20:34:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/11/10 20:34:14 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\Skype
[2010/11/10 20:31:45 | 000,955,272 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe

========== Files - Modified Within 30 Days ==========

[2010/12/07 23:50:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/07 23:27:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/07 23:27:06 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/07 23:24:57 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/07 23:24:57 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/07 23:24:57 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/07 23:19:07 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/07 23:18:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/07 21:28:14 | 002,565,432 | ---- | M] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 19:52:28 | 000,150,083 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/12/07 19:52:28 | 000,107,075 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/12/07 13:43:27 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/07 13:24:21 | 000,092,534 | ---- | M] () -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards.htm
[2010/12/07 05:35:13 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 00:13:38 | 000,001,165 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/12/07 00:13:38 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/12/06 22:38:33 | 000,001,181 | ---- | M] () -- C:\Users\Dusty\Desktop\AVG PC Tuneup 2011.lnk
[2010/12/06 22:00:22 | 001,236,032 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/12/06 21:53:50 | 000,507,360 | ---- | M] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/12/06 10:12:06 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/12/05 23:44:17 | 000,002,211 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 5.5.lnk
[2010/12/05 23:44:17 | 000,002,187 | ---- | M] () -- C:\Users\Dusty\Desktop\Camfrog Video Chat 5.5.lnk
[2010/12/05 21:32:11 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/12/02 17:30:58 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000016CD.LCS
[2010/11/29 18:56:52 | 000,012,694 | ---- | M] () -- C:\Users\Dusty\Desktop\albertsons restart code.docx
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/23 13:00:55 | 000,000,093 | ---- | M] () -- C:\Users\Dusty\AppData\Local\fusioncache.dat
[2010/11/23 06:38:07 | 000,014,273 | ---- | M] () -- C:\Users\Dusty\Desktop\Alone Against the World.docx
[2010/11/16 09:59:39 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDusty.job
[2010/11/15 22:24:20 | 000,085,575 | ---- | M] () -- C:\Users\Dusty\Desktop\Video call snapshot 3.png
[2010/11/15 19:05:46 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/11/14 22:26:42 | 000,265,645 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_0120.jpg
[2010/11/14 22:26:37 | 000,264,539 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_4970.jpg
[2010/11/14 21:50:57 | 000,137,240 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_7880.jpg
[2010/11/14 21:49:42 | 000,130,875 | ---- | M] () -- C:\Users\Dusty\Desktop\IMG_6911.jpg
[2010/11/10 20:41:59 | 000,002,243 | ---- | M] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/10 20:36:12 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/11/10 20:32:00 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe
[2010/11/09 16:06:26 | 000,000,162 | -H-- | M] () -- C:\Users\Dusty\Desktop\~$sume Mar09b.doc

========== Files Created - No Company Name ==========

[2010/12/07 21:27:53 | 002,565,432 | ---- | C] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 13:43:27 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/07 13:24:18 | 000,092,534 | ---- | C] () -- C:\Users\Dusty\Desktop\UPDATED 8-step Viruses Spyware Malware Preliminary Removal Instructions - TechSpot OpenBoards.htm
[2010/12/07 00:13:38 | 000,001,165 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/12/07 00:13:38 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/12/06 22:38:33 | 000,001,181 | ---- | C] () -- C:\Users\Dusty\Desktop\AVG PC Tuneup 2011.lnk
[2010/12/06 22:00:01 | 001,236,032 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2010/12/06 21:54:10 | 000,507,360 | ---- | C] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/12/05 23:44:17 | 000,002,211 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 5.5.lnk
[2010/12/05 23:44:17 | 000,002,187 | ---- | C] () -- C:\Users\Dusty\Desktop\Camfrog Video Chat 5.5.lnk
[2010/11/29 18:18:37 | 000,012,694 | ---- | C] () -- C:\Users\Dusty\Desktop\albertsons restart code.docx
[2010/11/29 18:01:19 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\000016CD.LCS
[2010/11/23 13:00:55 | 000,000,093 | ---- | C] () -- C:\Users\Dusty\AppData\Local\fusioncache.dat
[2010/11/17 04:32:43 | 000,014,273 | ---- | C] () -- C:\Users\Dusty\Desktop\Alone Against the World.docx
[2010/11/16 11:26:39 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/15 22:23:52 | 000,085,575 | ---- | C] () -- C:\Users\Dusty\Desktop\Video call snapshot 3.png
[2010/11/15 18:32:42 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForDusty.job
[2010/11/14 20:25:24 | 000,265,645 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_0120.jpg
[2010/11/14 20:25:22 | 000,264,539 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_4970.jpg
[2010/11/14 19:38:58 | 000,130,875 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_6911.jpg
[2010/11/14 19:38:02 | 000,137,240 | ---- | C] () -- C:\Users\Dusty\Desktop\IMG_7880.jpg
[2010/11/10 20:41:59 | 000,002,344 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/11/10 20:41:59 | 000,002,243 | ---- | C] () -- C:\Users\Dusty\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/10 20:36:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/10 20:35:10 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/10 20:35:09 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/10 20:34:16 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/11/09 16:06:26 | 000,000,162 | -H-- | C] () -- C:\Users\Dusty\Desktop\~$sume Mar09b.doc
[2010/09/14 03:25:30 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/09/14 03:25:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/09/14 03:25:08 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/09/14 03:24:47 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/09/14 03:24:05 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/09/14 02:56:26 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/09/14 02:56:26 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/09/03 01:34:57 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/09/03 00:34:18 | 000,000,186 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini
[2010/09/03 00:23:26 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/09/03 00:19:28 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/09/03 00:18:26 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/09/03 00:17:55 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/02/09 19:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========


< >

< * >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- \bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () --
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () --
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- \setup.log

< %SYSTEMDRIVE%\*.* >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () -- C:\pagefile.sys
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2009/07/13 23:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 23:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 23:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 23:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 14:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 22:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/11/01 19:04:29 | 000,000,221 | -HS- | M] () -- C:\Users\Dusty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/11/02 03:04:45 | 008,567,280 | ---- | M] (Mozilla) -- C:\Users\Dusty\Desktop\Firefox Setup 3.6.12.exe
[2010/12/07 05:35:13 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dusty\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/07 21:28:14 | 002,565,432 | ---- | M] () -- C:\Users\Dusty\Desktop\NTBR_CD.exe
[2010/12/07 23:37:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Dusty\Desktop\OTL.exe
[2010/12/06 21:53:50 | 000,507,360 | ---- | M] () -- C:\Users\Dusty\Desktop\sdsetup.exe
[2010/11/10 20:32:00 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Dusty\Desktop\SkypeSetup.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 15:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/11/01 18:14:53 | 000,000,402 | -HS- | M] () -- C:\Users\Dusty\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2010/09/14 03:25:23 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/09/03 00:23:46 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/09/14 03:24:47 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/09/03 00:19:20 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/09/14 03:24:05 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/09/14 03:25:08 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/09/03 00:18:19 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/09/03 00:23:20 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/09/14 03:25:40 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


< * >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- \bootmgr
[2010/12/07 23:18:46 | 3015,888,896 | -HS- | M] () --
[2010/12/07 23:18:48 | 4021,186,560 | -HS- | M] () --
[2010/12/06 17:44:18 | 000,000,184 | ---- | M] () -- \setup.log

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
 
Extras.txt from Run Scan option

OTL Extras logfile created on: 12/7/2010 11:44:53 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Dusty\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 575.58 Gb Total Space | 514.25 Gb Free Space | 89.34% Space Free | Partition Type: NTFS
Drive D: | 20.29 Gb Total Space | 2.95 Gb Free Space | 14.54% Space Free | Partition Type: NTFS

Computer Name: DUSTY-HP | User Name: Dusty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Browse with Corel PaintShop Photo Pro X3] -- "c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel PaintShop Photo Pro X3] -- "c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}" = ATI Catalyst Install Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}" = HP SimplePass Identity Protection
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{426FAE9F-7373-496E-A215-9DB7EF4398CF}" = Validity Sensors DDK
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E2BDBC42-A7F5-BE3C-CAE7-672461BADFBB}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6246243-CF06-4E40-8A37-C3B537695C36}" = Share64
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}" = Corel PaintShop Photo Pro X3
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{06C75F9A-97AD-5248-E32E-DF614E74CB30}" = CCC Help English
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{17AAFDC8-0126-8325-99C3-BA94ECC88719}" = CCC Help Chinese Standard
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C7D54A1-3EAF-1FA6-865A-5BD68563978F}" = Catalyst Control Center Graphics Previews Vista
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2469F651-772F-53D7-66D6-EC065F786E38}" = CCC Help French
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2E228408-8C07-BF2B-E3BE-6FE3226D0557}" = Catalyst Control Center Graphics Full Existing
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3418A50C-5B73-420F-A617-B680D778573C}" = CCC Help Greek
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3CE8DBEF-2A88-F180-F62C-43AA930D6D47}" = CCC Help Korean
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43C189A4-D61F-F7C7-F4BC-C3FE800FF7BB}" = ccc-core-static
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{527B2D1F-0129-70C1-3D8E-D7C13994F3D8}" = Catalyst Control Center Graphics Previews Common
"{5911C3EB-2E4F-80CC-4A1F-65DD5BFFEA0D}" = CCC Help German
"{639BDAFA-4A48-62A1-E2D9-13A84E9582FE}" = CCC Help Polish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B6A1FFD-AF4B-2348-1854-1BBDD6A4E852}" = CCC Help Chinese Traditional
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6C872198-9ED1-4046-87B3-AFA79CDF342D}" = HP Software Framework
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{705893E4-960A-E551-4825-B63B7BE8959A}" = CCC Help Czech
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{766BF6D1-A746-9B26-EC0B-E76DF6D5DE07}" = CCC Help Norwegian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{783C5B03-DF9C-30B0-BC32-066150B77F19}" = CCC Help Japanese
"{7D4318AC-9560-46F0-910F-0B38D6CDC009}" = HP Documentation
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83853D8B-E9F1-1E35-2F1B-4210D2875A8C}" = CCC Help Spanish
"{845E9545-2A7F-FFCB-D2FA-A292B0137325}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6E13F3-44FB-A8A6-D9F5-2AF030A47F2C}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{996FF46F-797F-AFE4-2932-3F391B5BB4A5}" = CCC Help Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA11D798-A4C3-F2BF-E9C8-584D1AA7C891}" = Catalyst Control Center Graphics Full New
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB14AFDF-990F-C0FD-DDDF-6113BD111593}" = Catalyst Control Center Localization All
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI
"{AEBFE622-2807-E0D5-E7E2-0D5AA4977B48}" = CCC Help Danish
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B34FE99A-48DD-3564-761E-6BB78FBE5DB9}" = Catalyst Control Center InstallProxy
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BFC1210F-19B0-A7F0-B027-82AD610DA5B7}" = CCC Help Italian
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8871195-1265-0859-CC55-ADE112EEF7D3}" = Times Reader
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1612A3D-0DCC-4055-BB6A-0036F31158A0}" = Setup
"{D1AEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA
"{D1F80EFD-A032-4E8E-A367-70C44AD4DCE0}" = ISCOM
"{D2D49B64-FBC1-15EE-5734-97BB457F197E}" = Catalyst Control Center Core Implementation
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5EA734C-2DEC-76F6-9D98-97D57A6F61CE}" = CCC Help Swedish
"{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DB6A09A0-34B0-BFE5-7026-C91829ED879D}" = CCC Help Turkish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}" = IPM_PSP_Pro
"{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1600759-7AB3-A146-5ED4-4A50E743D3D3}" = CCC Help Russian
"{E22B38FA-7A08-3CEE-EB31-970C4CF2AA54}" = CCC Help Dutch
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F3620D5D-B046-41F0-AB8D-3C56A36AFD60}" = Catalyst Control Center - Branding
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F55BB217-BB0F-4A7A-A499-8A0C34D842E2}" = Catalyst Control Center Graphics Light
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE39FB6F-05FB-4B09-4DE7-6E2BEC08427D}" = CCC Help Finnish
"{FE661711-E392-4B3F-A4A7-02C747C09134}" = ISCOM
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Camfrog 5.5" = Camfrog Video Chat 5.5
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"My HP Game Console" = HP Game Console
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2010 9:23:02 PM | Computer Name = Dusty-HP | Source = System Restore | ID = 8193
Description =

Error - 11/13/2010 3:26:50 PM | Computer Name = Dusty-HP | Source = Google Update | ID = 20
Description =

Error - 11/14/2010 10:05:28 AM | Computer Name = Dusty-HP | Source = Google Update | ID = 20
Description =

Error - 11/15/2010 1:49:21 AM | Computer Name = Dusty-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 11/15/2010 1:52:56 AM | Computer Name = Dusty-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Program Files (x86)\Corel\Corel
PaintShop Photo Pro\X3\PSPClassic\Python Libraries\Lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/16/2010 4:06:46 AM | Computer Name = Dusty-HP | Source = Google Update | ID = 20
Description =

Error - 11/16/2010 6:40:21 PM | Computer Name = Dusty-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 11/16/2010 6:41:41 PM | Computer Name = Dusty-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Program Files (x86)\Corel\Corel
PaintShop Photo Pro\X3\PSPClassic\Python Libraries\Lib\distutils\command\wininst-8_d.exe".
Dependent
Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/17/2010 8:14:16 PM | Computer Name = Dusty-HP | Source = Google Update | ID = 20
Description =

Error - 11/22/2010 7:42:51 PM | Computer Name = Dusty-HP | Source = Application Error | ID = 1000
Description = Faulting application name: hpasset.exe, version: 3.0.0.3, time stamp:
0x4ab90f9f Faulting module name: hpasset.exe, version: 3.0.0.3, time stamp: 0x4ab90f9f
Exception
code: 0xc0000005 Fault offset: 0x0003f1c9 Faulting process id: 0x15e8 Faulting application
start time: 0x01cb8a9ee9382bd0 Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPAsset\hpasset.exe Faulting module path: C:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPAsset\hpasset.exe Report Id: 37aea897-f692-11df-8005-db214ad5056d

[ HP Wireless Assistant Events ]
Error - 10/9/2010 8:47:42 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:47:55 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:48:07 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:48:20 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:48:33 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:48:46 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:48:59 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:49:12 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:49:24 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/9/2010 8:49:37 PM | Computer Name = Dusty-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]
Error - 12/4/2010 4:15:28 AM | Computer Name = Dusty-HP | Source = DCOM | ID = 10005
Description =

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 4:15:29 AM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 12/4/2010 11:41:37 PM | Computer Name = Dusty-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the szserver service.

Error - 12/5/2010 12:50:19 AM | Computer Name = Dusty-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
1.95.1100.0).

Error - 12/6/2010 12:10:20 AM | Computer Name = Dusty-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800706be: Windows Live Essentials 2011 (KB2434419).


< End of report >
 
Do I need to redo as a Quick scan? The other posts were from a full scan; I got confused.... And do I put the Quote End Quote above and below the text I copied and pasted, then do a quick scan?
 
We need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

=========================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    [2010/12/06 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG
    [2010/12/06 00:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
    [2010/12/05 21:48:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG10
    [2010/12/04 18:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
    [2010/12/04 03:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
    [2010/12/04 03:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:0B4227B4
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2
    
    
    :Services
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" =-
    "" = -
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=======================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
I never did the Quote End Quote thing..... Do I need to do this again with the original code you told me to paste there? And should I just perform Quick Scans with it? Or should I just proceed with this code you told me to do now?
 
When I did the javaupdater after removing the older versions it says that there is no javaRA.log. Is this an issue?
 
OTL Run Fix Log

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
C:\Users\Dusty\AppData\Roaming\AVG\Rescue\PC Tuneup 2011 folder moved successfully.
C:\Users\Dusty\AppData\Roaming\AVG\Rescue folder moved successfully.
C:\Users\Dusty\AppData\Roaming\AVG\PC Tuneup 2011\User Reports folder moved successfully.
C:\Users\Dusty\AppData\Roaming\AVG\PC Tuneup 2011 folder moved successfully.
C:\Users\Dusty\AppData\Roaming\AVG folder moved successfully.
C:\ProgramData\Symantec folder moved successfully.
C:\ProgramData\STOPzilla!\vdb folder moved successfully.
C:\ProgramData\STOPzilla!\Quarantine folder moved successfully.
C:\ProgramData\STOPzilla! folder moved successfully.
C:\ProgramData\AVG10\SetupBackup folder moved successfully.
C:\ProgramData\AVG10\lsdb\prev folder moved successfully.
C:\ProgramData\AVG10\lsdb folder moved successfully.
C:\ProgramData\AVG10\IDS\config\EN_US folder moved successfully.
C:\ProgramData\AVG10\IDS\config folder moved successfully.
C:\ProgramData\AVG10\IDS folder moved successfully.
C:\ProgramData\AVG10\Dumps folder moved successfully.
C:\ProgramData\AVG10\Chjw\ea8a05c38a058d6f folder moved successfully.
C:\ProgramData\AVG10\Chjw\b6e86640e865ff4d folder moved successfully.
C:\ProgramData\AVG10\Chjw\467214f47214eb07 folder moved successfully.
C:\ProgramData\AVG10\Chjw folder moved successfully.
C:\ProgramData\AVG10\admincli folder moved successfully.
C:\ProgramData\AVG10 folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\PCTuneup folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Notification folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Icons folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Firefox\Components folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Firefox\Chrome folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Firefox folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Drivers\ErHr7x64 folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\Drivers folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\3rd_party\licenses folder moved successfully.
C:\Program Files (x86)\AVG\AVG10\3rd_party folder moved successfully.
C:\Program Files (x86)\AVG\AVG10 folder moved successfully.
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\Lang folder moved successfully.
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\Data folder moved successfully.
C:\Program Files (x86)\AVG\AVG PC Tuneup 2011 folder moved successfully.
C:\Program Files (x86)\AVG folder moved successfully.
ADS C:\ProgramData\Temp:0B4227B4 deleted successfully.
ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dusty
->Temp folder emptied: 137517 bytes
->Temporary Internet Files folder emptied: 65938 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 29200606 bytes
->Flash cache emptied: 1811 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 54624 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 28.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Dusty
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12082010_004720

Files\Folders moved on Reboot...
C:\Users\Dusty\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
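
One way to cross-check a posted fix log against the fix script that produced it, so that any target the tool never reported on stands out. This is an added example, not part of the original thread and not OTL's own code; the line formats are assumed from the script and log shown above, the sample input is abridged from them, and the function names are hypothetical.

```python
import re

# Sample input abridged from the fix script and fix log posted in this thread.
FIX_SCRIPT = r"""
:OTL
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
[2010/12/06 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG
[2010/12/06 00:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/12/05 21:48:07 | 000,000,000 | ---D | C] -- C:\Users\Dusty\AppData\Roaming\AVG10
[2010/12/04 18:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/12/04 03:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/12/04 03:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:DFC5A2B2
:Reg
:Commands
[emptytemp]
"""

FIX_LOG = r"""
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
C:\Users\Dusty\AppData\Roaming\AVG\Rescue folder moved successfully.
C:\Users\Dusty\AppData\Roaming\AVG folder moved successfully.
C:\ProgramData\Symantec folder moved successfully.
C:\ProgramData\STOPzilla!\Quarantine folder moved successfully.
C:\ProgramData\STOPzilla! folder moved successfully.
C:\ProgramData\AVG10\Dumps folder moved successfully.
C:\ProgramData\AVG10 folder moved successfully.
C:\Program Files (x86)\AVG\AVG10 folder moved successfully.
C:\Program Files (x86)\AVG folder moved successfully.
ADS C:\ProgramData\Temp:0B4227B4 deleted successfully.
ADS C:\ProgramData\Temp:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
"""

# File/folder entry: "[date time | size | attrs | C] -- <path>".
# The leading "[" is optional so a line that lost it in a copy/paste still parses.
ENTRY_RE = re.compile(r"^\[?\d{4}/\d{2}/\d{2} [^\]]*\] -- (?P<path>.+)$")
# Alternate data stream entry: "@Alternate Data Stream - N bytes -> <path>:<stream>".
ADS_RE = re.compile(r"^@Alternate Data Stream - \d+ bytes -> (?P<path>.+)$")
# Success line in the log: "<path> [folder|file] moved|deleted successfully."
LOG_RE = re.compile(
    r"^(?:ADS )?(?P<path>[A-Za-z]:\\.+?) (?:folder |file )?"
    r"(?P<verb>moved|deleted) successfully\.$"
)


def script_targets(script):
    """Return the file-system targets named in the :OTL section, in order.

    Registry entries (the "IE - ..." line, the :Reg section) are out of scope.
    """
    targets, section = [], None
    for raw in script.splitlines():
        line = raw.strip()
        if re.fullmatch(r":\w+", line):      # section header such as :OTL or :Reg
            section = line.lower()
            continue
        if section != ":otl":
            continue
        m = ENTRY_RE.match(line) or ADS_RE.match(line)
        if m:
            targets.append(m.group("path"))
    return targets


def confirmed_paths(log):
    """Map each path with a success line to its verb (keys lowercased)."""
    done = {}
    for raw in log.splitlines():
        m = LOG_RE.match(raw.strip())
        if m:
            done[m.group("path").lower()] = m.group("verb")
    return done


def cross_check(script, log):
    """Return {target: 'moved' | 'deleted' | 'unconfirmed'} for every target."""
    done = confirmed_paths(log)
    # Windows paths are case-insensitive, so compare lowercased.
    return {t: done.get(t.lower(), "unconfirmed") for t in script_targets(script)}


def unconfirmed(script, log):
    """Targets the log never reports as moved or deleted."""
    return [t for t, s in cross_check(script, log).items() if s == "unconfirmed"]


if __name__ == "__main__":
    for target, status in cross_check(FIX_SCRIPT, FIX_LOG).items():
        print(f"{status:12} {target}")
```

On this sample every target is confirmed except `C:\Users\Dusty\AppData\Roaming\AVG10`, for which the posted log contains no success line. An unconfirmed target is a prompt to check that folder by hand, not proof that it is still present.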
 
Checkup.txt

Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG PC Tuneup 2011
Kaspersky Anti-Virus 2010
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
AVG PC Tuneup 2011
Java(TM) 6 Update 22
Out of date Java installed!
Adobe Flash Player 10.1.102.64
Adobe Reader 9.4.1 MUI
Mozilla Firefox (3.6.12) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Kaspersky Lab Kaspersky Anti-Virus 2010 avp.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````
 
The ESET scan returned no threats

So now that the last and final thing returned no threats, is there anything else that needs to be done? I can't thank you enough for all the time and help you have given me thus far.
 
I notice that every time I go to enter my Yahoo mail, after I put in my password and user name I press enter.... it states.... if you are seeing this message your server settings are automatically preventing you from being directed to a new URL... please click Here to continue.... Is this anything to worry about... it's been doing that and still does after everything we've done.
 
your server settings are automatically preventing you from being directed to a new URL
Which browser is it?

=======================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. Run defrag at your convenience.

11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

12. Please let me know how your computer is doing.
 
I have 3 browsers on my computer. When I use Firefox and try to log into my email nothing goes wrong. When I use Internet Explorer and try to log into my Yahoo email it continually says "A website wants you to use yahoo toolbar assistant to help open up the page..." I keep saying don't allow over and over and it keeps wanting me to even after I log into my email.... When I use Google Chrome and try to log into Yahoo mail, after entering my password and username and pressing enter it says "Your server settings are preventing you from Automatically being redirecting to a new URL
Click here to continue...." When I do nothing it goes straight to my mail .... I have never clicked the thing that says click here to continue.... Should these issues be addressed before I do the final clean up you listed?
 
The resetting of system restore points

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dusty
->Temp folder emptied: 35328 bytes
->Temporary Internet Files folder emptied: 736108 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 43403798 bytes
->Google Chrome cache emptied: 29086392 bytes
->Flash cache emptied: 1982 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53532 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 70.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Dusty
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.17.3 log created on 12092010_124524

Files\Folders moved on Reboot...
C:\Users\Dusty\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
 
I do have a concern.... each time I restart my computer I have a warning from Kaspersky saying Detected PMD key logger behavior then it says system protected.. and under the log I have 4 riskware threats listed as detected today, but under my report it doesn't show anything as detected today. Can you make anything of this?
 
That's the weird part, it doesn't have any files or locations detected. I just started my computer this time and I didn't see any messages from Kaspersky, so maybe it's nothing to worry about.
 