Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Analyze My Hjt Log


  • Please log in to reply
33 replies to this topic

#1 shortmantuff

shortmantuff

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 31 August 2008 - 06:16 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:57 PM, on 8/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Users\Blane\Downloads\dss.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Blane.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=66005
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/1me10enus/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/1me10enus/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/1me10enus/2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Live Search Club Toolbar - {719D74AB-1AF9-43a1-8C62-D8750628D93E} - C:\Program Files\Live Search Club Toolbar\Toolbar.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 10308 bytes

BC AdBot (Login to Remove)

 


m

#2 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 12 September 2008 - 01:32 PM

It's been 12 days and no response. My computer is really acting up. Please analyze my HJT log.

#3 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 13 September 2008 - 12:32 AM

This is my new log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:31:25 AM, on 9/13/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=66005
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/1me10enus/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/1me10enus/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/1me10enus/2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Live Search Club Toolbar - {719D74AB-1AF9-43a1-8C62-D8750628D93E} - C:\Program Files\Live Search Club Toolbar\Toolbar.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9468 bytes

#4 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 15 September 2008 - 11:35 PM

Hello shortmantuff and welcome to BleepingComputer!

Apollogies for the delay. The forum has been very busy lately. If you are still having problems please download OTViewIt to your desktop.
  • Close all windows and double click OTViewIt
  • Place a tick in the Scan all Users box
  • In the File Age drop down box select 90 days
  • Click Run Scan and let the program run uninterrupted
  • On completion it will produce two logs on the Desktop, post the OTViewIt.txt and Extras.txt logs in your next post.
Thanks,

Johannes

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#5 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 16 September 2008 - 11:25 PM

Can I not just run a HJT scna, or must I download all of that?

#6 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 16 September 2008 - 11:31 PM

if you want me to help you, you have to download that one programme. chances are we need to download more programmes. it depends on how infected you are.

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#7 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 17 September 2008 - 01:17 PM

OTViewIt logfile created on: 9/17/2008 2:10:00 PM - Run 2
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Users\Blane\Desktop
Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 62.13% Memory free
3.98 Gb Paging File | 3.20 Gb Available in Paging File | 80.28% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 138.78 Gb Free Space | 59.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLANE-PC
Current User Name: Blane
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
Files within: 90 Days

========== Processes - Non-Microsoft Only ==========

[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
[12/25/2007 12:23:09 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
[12/25/2007 12:23:19 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[07/29/2008 14:24:36 | 00,698,888 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
[01/25/2007 20:50:26 | 00,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
[07/29/2008 14:24:38 | 01,398,024 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
[06/20/2008 07:37:00 | 01,316,136 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[06/20/2008 07:14:00 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
[06/20/2008 07:37:00 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
[07/19/2008 01:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[09/17/2008 14:08:12 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe

========== (O23) Win32 Services - Non-Microsoft Only ==========

File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[09/11/2008 17:42:36 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger [Auto | Running])
[12/25/2007 12:23:09 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
[12/25/2007 12:23:19 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
[07/29/2008 14:24:36 | 00,698,888 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
[01/25/2007 20:50:26 | 00,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr [Auto | Running])
File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Running])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Running])

========== Driver Services - Non-Microsoft Only ==========

File not found -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
File not found -- -- (CLFS [Unknown | Running])
[08/01/2008 21:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
File not found -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
File not found -- C:\Windows\system32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv [Boot | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
[07/22/2008 07:42:34 | 00,123,904 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
[06/20/2008 07:37:00 | 00,200,112 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
File not found -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd [On_Demand | Stopped])
[07/18/2008 19:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt [Auto | Running])
[07/18/2008 19:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt [Auto | Running])
File not found -- C:\Windows\System32\DRIVERS\TpChoice.sys -- (TpChoice [On_Demand | Stopped])
[07/18/2008 18:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint [Auto | Running])


========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Secondary Start Pages"=
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://g.msn.com/1me10enus/2

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Local Page"=C:\Windows\system32\blank.htm
"Search Page"=http://www.google.com
"SearchDefaultBranded"=
"Start Page"=http://g.msn.com/1me10enus/2
"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Local Page"=C:\Windows\system32\blank.htm
"Search Page"=http://www.google.com
"SearchDefaultBranded"=
"Start Page"=http://g.msn.com/1me10enus/2
"StartPageCache"=

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
::1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} (HKLM) -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{C1656CCA-D2EA-4A32-94AE-AE0B180E6449} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{0BF43445-2F28-4351-9252-17FE6E806AA0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{327C2873-E90D-4c37-AA9D-10AC9BABA46C}" (HKLM) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{719D74AB-1AF9-43a1-8C62-D8750628D93E}" (HKLM) -- C:\Program Files\Live Search Club Toolbar\Toolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{E7620C98-FCCC-40E5-92EC-C7685D2E1E40}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" (Trend Micro Inc.)

========== (O6 & O7) Current Version Policies ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0



"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17





========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [07/03/2008 16:08:56 | 17,929,752 | ---- | M] (Microsoft Corporation)
Easy-WebPrint Add To Print List: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint High Speed Print: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint Preview: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint Print: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}: AIM -- File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
microsoft.com\www.update: https in Computer
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
microsoft.com\www.update: https in Computer
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/Facebo...toUploader5.cab -- Facebook Photo Uploader 5
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD}: http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB -- TSEasyInstallX Control
{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_06
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

========== (O17) DNS Name Servers ==========

{A4A1F10A-4221-42B4-917B-1D53A08A2BBB} (Servers: | Description: Atheros AR5007EG Wireless Network Adapter)
{AF340AEF-21E4-4D7E-8F5A-179591069F18} (Servers: | Description: Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0))

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} (HKLM) -- C:\Windows\System32\webcheck.dll (Microsoft Corporation)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>File not found --
>File not found --
>File not found --

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[09/18/2006 17:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{270afc2d-b2fe-11dc-ae41-001b38154a9c}\Shell\AutoRun\command]
""=E:\InstallTomTomHOME.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ec4adbe-865c-11dc-9a14-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ec4adbe-865c-11dc-9a14-001b38154a9c}\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f4b11b0-5f0b-11dc-bbb9-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f4b11b0-5f0b-11dc-bbb9-001b38154a9c}\Shell\AutoRun\command]
""=E:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a78fa3d4-9075-11dc-a305-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a78fa3d4-9075-11dc-a305-001b38154a9c}\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command]
""=E:\LaunchU3.exe -- File not found



========== Files/Folders - Created Within 90 days ==========

[1 C:\Windows\*.tmp files]
[06/20/2008 07:06:00 | 00,163,840 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[06/20/2008 07:07:00 | 00,200,704 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[06/20/2008 07:18:00 | 00,147,456 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[06/20/2008 07:37:00 | 00,200,112 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[06/23/2008 21:29:39 | 00,090,668 | ---- | C] () -- C:\Windows\System32\vobis32.dll
[07/09/2008 00:00:10 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[07/09/2008 00:00:10 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll
[07/09/2008 00:00:10 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[07/09/2008 00:00:11 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll
[07/09/2008 00:00:11 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[07/09/2008 00:00:11 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe
[07/09/2008 00:00:11 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[07/09/2008 00:00:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[07/09/2008 00:00:14 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[07/09/2008 00:00:14 | 00,891,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[07/09/2008 00:00:15 | 03,549,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[07/09/2008 00:00:15 | 03,600,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[07/09/2008 00:00:16 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[07/09/2008 00:00:26 | 11,580,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[07/11/2008 23:18:34 | 00,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[07/11/2008 23:19:05 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[07/11/2008 23:19:14 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[07/16/2008 13:34:46 | 00,427,864 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedZip.dll
[07/16/2008 13:34:46 | 00,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[07/16/2008 13:34:46 | 01,686,016 | ---- | C] (Clever Components) -- C:\Windows\System32\clinetsuitex6.ocx
[07/21/2008 05:08:40 | 00,009,728 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\RtNicProp32.dll
[07/22/2008 07:42:34 | 00,123,904 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[07/22/2008 10:55:43 | 00,001,885 | ---- | C] () -- C:\Users\Blane\Desktop\HijackThis.lnk
[08/08/2008 14:41:05 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[08/08/2008 14:41:05 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[08/08/2008 14:41:05 | 00,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[08/08/2008 14:41:05 | 01,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[08/08/2008 14:41:06 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[08/08/2008 14:41:06 | 00,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[08/08/2008 14:41:06 | 01,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[08/08/2008 14:41:07 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[08/08/2008 14:41:07 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[08/08/2008 14:41:08 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[08/08/2008 14:41:08 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[08/08/2008 14:41:08 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[08/08/2008 14:41:08 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[08/08/2008 14:41:08 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[08/08/2008 14:41:08 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[08/08/2008 14:41:09 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[08/08/2008 14:41:09 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[08/08/2008 14:41:11 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[08/08/2008 14:41:11 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[08/08/2008 14:41:11 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[08/08/2008 14:41:11 | 00,754,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[08/08/2008 14:41:12 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[08/08/2008 14:41:12 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[08/08/2008 14:41:12 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[08/08/2008 14:41:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[08/08/2008 14:41:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[08/08/2008 14:41:12 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[08/08/2008 14:41:14 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[08/08/2008 14:41:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[08/08/2008 14:41:16 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[08/08/2008 14:41:16 | 00,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[08/14/2008 16:50:42 | 00,738,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[08/14/2008 16:51:03 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[08/14/2008 16:51:06 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[08/14/2008 17:28:22 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[08/19/2008 20:46:34 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[08/30/2008 13:03:28 | 00,001,807 | ---- | C] () -- C:\Users\Public\Desktop\AIM 6.lnk
[09/04/2008 14:11:49 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[09/04/2008 14:11:49 | 00,163,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[09/04/2008 14:12:17 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[09/04/2008 14:12:17 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[09/04/2008 14:12:18 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[09/04/2008 14:13:48 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[09/04/2008 14:13:49 | 00,045,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[09/04/2008 14:13:49 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[09/04/2008 14:13:49 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[09/04/2008 18:49:32 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[09/09/2008 18:16:03 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[09/09/2008 18:16:03 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[09/09/2008 18:16:03 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[09/09/2008 18:16:03 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[09/09/2008 18:16:03 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[09/09/2008 18:16:03 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[09/09/2008 18:16:08 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[09/09/2008 18:19:37 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[09/09/2008 18:19:37 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[09/12/2008 14:22:25 | 00,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[09/12/2008 14:56:02 | 00,002,231 | ---- | C] () -- C:\Users\Blane\Desktop\iTunes.lnk
[09/14/2008 01:10:27 | 05,699,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[09/14/2008 01:10:27 | 11,985,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[09/14/2008 01:10:28 | 01,415,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[09/14/2008 01:10:29 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[09/14/2008 01:10:29 | 00,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[09/14/2008 01:10:29 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[09/14/2008 01:10:30 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[09/14/2008 01:10:30 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[09/14/2008 01:10:30 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[09/14/2008 01:10:30 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[09/14/2008 01:10:30 | 03,670,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[09/14/2008 01:10:31 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[09/14/2008 01:10:31 | 01,778,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[09/14/2008 01:10:32 | 00,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[09/14/2008 01:10:33 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[09/14/2008 01:10:33 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[09/14/2008 01:10:33 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[09/14/2008 01:10:33 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[09/14/2008 01:10:33 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[09/14/2008 01:10:33 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[09/14/2008 01:10:33 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[09/14/2008 01:10:33 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[09/14/2008 01:10:33 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[09/14/2008 01:10:33 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[09/14/2008 01:10:34 | 00,056,413 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[09/14/2008 01:10:34 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[09/14/2008 01:10:34 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[09/14/2008 01:10:34 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[09/14/2008 01:10:34 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[09/14/2008 01:10:34 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[09/14/2008 01:10:34 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[09/14/2008 01:10:34 | 00,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[09/14/2008 01:10:35 | 00,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[09/14/2008 01:10:36 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[09/14/2008 01:10:36 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[09/14/2008 01:10:36 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[09/14/2008 01:10:36 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[09/14/2008 01:10:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[09/14/2008 01:10:36 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[09/14/2008 01:10:36 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[09/14/2008 01:10:37 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[09/14/2008 01:10:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[09/14/2008 01:10:37 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[09/14/2008 01:10:37 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[09/14/2008 01:10:37 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrivacIE.dll
[09/14/2008 01:10:37 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[09/14/2008 01:10:37 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[09/14/2008 01:10:37 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[09/14/2008 01:10:37 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[09/14/2008 01:10:37 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[09/14/2008 01:10:37 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[09/14/2008 01:10:38 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[09/14/2008 01:10:38 | 01,659,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[09/17/2008 14:08:02 | 00,424,448 | ---- | C] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe

========== Files - Modified Within 90 days ==========

[1 C:\Windows\*.tmp files]
[06/20/2008 07:06:00 | 00,163,840 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[06/20/2008 07:07:00 | 00,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[06/20/2008 07:18:00 | 00,147,456 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[06/20/2008 07:36:00 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[06/20/2008 07:37:00 | 00,200,112 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[06/22/2008 12:39:12 | 00,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\tmvsthfss.bin
[06/22/2008 12:39:12 | 00,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\tmvsthfud.bin
[06/25/2008 21:45:43 | 12,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[06/25/2008 21:45:55 | 02,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[06/25/2008 23:29:02 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[06/25/2008 23:29:02 | 00,565,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[06/25/2008 23:29:06 | 00,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[06/25/2008 23:29:09 | 00,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[07/15/2008 21:32:44 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[07/18/2008 18:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\vsapint.sys
[07/18/2008 19:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmpreflt.sys
[07/18/2008 19:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmxpflt.sys
[07/18/2008 20:44:32 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[07/18/2008 22:08:18 | 00,163,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[07/18/2008 23:44:12 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[07/18/2008 23:44:52 | 01,524,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[07/19/2008 01:09:40 | 01,811,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[07/19/2008 01:09:42 | 00,563,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[07/19/2008 01:10:18 | 00,036,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[07/19/2008 01:10:39 | 00,045,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[07/19/2008 01:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[07/21/2008 05:08:40 | 00,009,728 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\RtNicProp32.dll
[07/22/2008 07:42:34 | 00,123,904 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[07/22/2008 10:55:43 | 00,001,885 | ---- | M] () -- C:\Users\Blane\Desktop\HijackThis.lnk
[07/30/2008 01:58:07 | 03,670,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[07/30/2008 21:13:15 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[07/30/2008 23:32:38 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[08/01/2008 21:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[08/01/2008 23:26:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[08/19/2008 20:46:34 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[08/22/2008 05:42:21 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[08/22/2008 05:49:54 | 00,056,413 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[08/22/2008 05:57:54 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[08/22/2008 05:58:10 | 00,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[08/22/2008 06:04:49 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[08/22/2008 06:04:53 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[08/22/2008 06:04:56 | 01,659,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[08/22/2008 06:04:58 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PrivacIE.dll
[08/22/2008 06:04:59 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[08/22/2008 06:05:06 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[08/22/2008 06:05:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[08/22/2008 06:05:12 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[08/22/2008 06:05:13 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[08/22/2008 06:05:14 | 00,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[08/22/2008 06:05:19 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[08/22/2008 06:05:20 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[08/22/2008 06:05:21 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[08/22/2008 06:05:22 | 00,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[08/22/2008 06:05:33 | 00,630,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[08/22/2008 06:05:47 | 00,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[08/22/2008 06:05:57 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[08/22/2008 06:06:01 | 01,778,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[08/22/2008 06:06:04 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[08/22/2008 06:06:14 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[08/22/2008 06:06:15 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[08/22/2008 06:06:19 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[08/22/2008 06:06:22 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[08/22/2008 06:06:23 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[08/22/2008 06:06:23 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[08/22/2008 06:06:28 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[08/22/2008 06:06:28 | 00,552,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[08/22/2008 06:06:34 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[08/22/2008 06:06:39 | 00,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[08/22/2008 06:06:43 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[08/22/2008 06:06:49 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[08/22/2008 06:06:50 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[08/22/2008 06:06:51 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[08/22/2008 06:06:52 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[08/22/2008 06:06:57 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[08/22/2008 06:07:06 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[08/22/2008 06:07:48 | 00,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[08/22/2008 06:07:49 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[08/22/2008 06:07:57 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[08/22/2008 06:07:59 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[08/22/2008 06:08:05 | 00,878,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[08/22/2008 06:08:06 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[08/22/2008 06:08:20 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[08/22/2008 06:08:32 | 01,415,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[08/22/2008 06:08:41 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[08/22/2008 06:10:33 | 11,985,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[08/23/2008 15:49:20 | 00,798,720 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[08/26/2008 16:28:12 | 16,208,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[08/28/2008 23:17:20 | 00,001,356 | ---- | M] () -- C:\Users\Blane\AppData\Local\d3d9caps.dat
[08/30/2008 13:03:28 | 00,001,807 | ---- | M] () -- C:\Users\Public\Desktop\AIM 6.lnk
[08/30/2008 13:03:47 | 00,002,485 | -H-- | M] () -- C:\IPH.PH
[09/04/2008 18:49:32 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[09/09/2008 18:43:09 | 00,102,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[09/09/2008 18:43:09 | 00,598,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[09/09/2008 18:43:09 | 00,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[09/10/2008 20:13:40 | 00,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[09/12/2008 14:22:25 | 00,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[09/12/2008 14:36:06 | 00,431,104 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[09/14/2008 17:45:12 | 00,002,231 | ---- | M] () -- C:\Users\Blane\Desktop\iTunes.lnk
[09/14/2008 23:12:01 | 02,998,385 | -H-- | M] () -- C:\Users\Blane\AppData\Local\IconCache.db
[09/17/2008 00:00:19 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5FB3E98B-E53E-4B97-9B05-F3D3A13707A8}.job
[09/17/2008 00:04:15 | 00,002,838 | ---- | M] () -- C:\Windows\machine.ver
[09/17/2008 00:05:29 | 00,000,067 | ---- | M] () -- C:\Windows\swupdate.INI
[09/17/2008 13:30:50 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[09/17/2008 13:30:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[09/17/2008 13:31:04 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[09/17/2008 13:31:04 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[09/17/2008 14:08:12 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe
[09/17/2008 14:11:05 | 00,000,254 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job

< End of report >

OTViewIt Extras logfile created on: 9/17/2008 2:10:00 PM - Run Blane
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Users\Blane\Desktop
Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 62.13% Memory free
3.98 Gb Paging File | 3.20 Gb Available in Paging File | 80.28% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 138.78 Gb Free Space | 59.97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLANE-PC
Current User Name: Blane
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
Files within: 90 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
"AutoUpdateDisableNotify"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
"VistaSp1"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3710417837-1379984046-1947269662-1000]
"EnableNotifications"=0
"EnableNotificationsRef"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (about:{3050F406-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML About Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (cdl:{3dd53d40-7b8b-11D0-b013-00aa0059ce02} (HKLM) [CDL: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (file:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (ftp:{79eac9e3-baf9-11ce-8c82-00aa004ba90b} (HKLM) [ftp: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (http:{79eac9e2-baf9-11ce-8c82-00aa004ba90b} (HKLM) [http: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (https:{79eac9e5-baf9-11ce-8c82-00aa004ba90b} (HKLM) [https: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (java script:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (local:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (mailto:{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Mailto Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (mk:{79eac9e6-baf9-11ce-8c82-00aa004ba90b} (HKLM) [mk: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (res:{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Resource Pluggable Protocol])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (vbscript:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll deflate:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll gzip:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
"{003B5184-F3DF-AF76-CB17-D35B7BB46B81}"=CCC Help Japanese
"{008D69EB-70FF-46AB-9C75-924620DF191A}"=TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03EDED24-8375-407D-A721-4643D9768BE1}"=kgchlwn
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}"=Battlefield 2: Deluxe Edition
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}"=ESSSONIC
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}"=OpenOffice.org Installer 1.0
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}"=Security Update for CAPICOM (KB931906)
"{0F6932CF-E642-5A7A-8194-3F7443188287}"=CCC Help Turkish
"{103A43D9-9ED8-E78D-7BF1-E536DFE6FC9F}"=Catalyst Control Center Localization Greek
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1700"=Canon iP1700
"{11F3F858-4131-4FFA-A560-3FE282933B6E}"=kgchday
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}"=Utility Common Driver
"{12887AF2-AE16-34CC-E85C-637DF6911C8C}"=Catalyst Control Center Localization Turkish
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}"=TOSHIBA Assist
"{13614186-B0A0-AA21-F75A-2097F9167DB8}"=CCC Help Portuguese
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}"=ESSPCD
"{177B615E-47B1-C1C4-6F3B-7D6FEB8D4564}"=CCC Help Thai
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}"=Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{26210745-925C-8AE4-F3B9-5FA737A1F6F2}"=CCC Help Russian
"{2768CDA5-57DA-59D4-884F-A0F8A5B36D3E}"=CCC Help Finnish
"{28006915-2739-4EBE-B5E8-49B25D32EB33}"=Atheros Driver Installation Program
"{29DC966A-DA3E-3ED4-68E7-6D3D9A055B42}"=Catalyst Control Center Localization Korean
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}"=essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}"=Rhapsody Player Engine
"{2E7A9DDC-E062-0074-08AB-DE7D1B431F75}"=Catalyst Control Center Localization Chinese Traditional
"{2FAE3800-CC47-C556-C57F-A91851BF7854}"=CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160000}"=Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160060}"=Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java™ 6 Update 7
"{33824DAC-3F98-0BB6-56D5-7DE1A3CCC068}"=Catalyst Control Center Localization German
"{3621A2DF-0870-FE7E-674F-1DBCB18C5D22}"=ccc-utility
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}"=MSXML 4.0 SP2 (KB927978)
"{37C866E4-AA67-4725-9E95-A39968DD7960}"=Camera Assistant Software for Toshiba
"{3F11CE8A-388B-0D3A-DF6F-061F23A13D26}"=CCC Help Korean
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}"=TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}"=ATI Catalyst Install Manager
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}"=iTunes
"{41DD15BE-811D-7DEF-19A9-30AF18F75EFF}"=Catalyst Control Center Localization Thai
"{425A2BC2-AA64-4107-9C29-484245BBEA05}"=TOSHIBA Software Upgrades
"{42938595-0D83-404D-9F73-F8177FDD531A}"=ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}"=netbrdg
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}"=TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}"=TOSHIBA Hardware Setup
"{52F368DE-06BD-E116-9233-D1DE207BDFE6}"=CCC Help Dutch
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}"=skin0001
"{53BABC75-1DC1-479B-224B-1EB9E18A799B}"=CCC Help German
"{56797214-1A4C-052E-1ECE-B00308BF3362}"=CCC Help Chinese Standard
"{56DF5C9E-6392-46D3-B366-297B14E1DAAF}"=Bonjour Core for Windows
"{572D71E9-5102-74B3-5D22-DEDF911F7FE5}"=CCC Help Italian
"{5BA0C9F0-3B01-91A3-6922-4DCF943D9CBE}"=CCC Help English
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}"=TOSHIBA Disc Creator
"{605A4E39-613C-4A12-B56F-DEFBE6757237}"=SHASTA
"{6080CE3C-2CB3-2FA3-1CE2-3350B06664BC}"=CCC Help Swedish
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}"=fflink
"{611E35B8-7F46-DDBB-CC4F-FAAED6C054FF}"=Catalyst Control Center Localization Spanish
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}"=TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}"=TOSHIBA Flash Cards Support Utility
"{621FCD24-4498-4324-A81E-07D331376EDF}"=PixiePack Codec Pack
"{643EAE81-920C-4931-9F0B-4B343B225CA6}"=ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites
"{678F1F2D-F214-08D4-67FB-AC04316C4940}"=ccc-core-static
"{693C08A7-9E76-43FF-B11E-9A58175474C4}"=kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin
"{6A0B868C-89BE-ACF1-8C0A-CC88878A9E46}"=Catalyst Control Center Localization Russian
"{6C4734CF-A10C-DFF4-5565-457F33849862}"=Catalyst Control Center Localization Swedish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}"=TOSHIBA DVD PLAYER
"{6D52C408-B09A-4520-9B18-475B81D393F1}"=Microsoft Works
"{6DA9102E-199F-43A0-A36B-6EF48081A658}"=MobileMe Control Panel
"{6DECCD60-782D-7B14-22DE-FB8D6EA46433}"=CCC Help Polish
"{715044AC-B95E-4CD0-9B0C-CEDDB422F93B}"=CCC Help Czech
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}"=Trend Micro Internet Security
"{724A8BEC-B350-1C76-C580-959AEA487108}"=Catalyst Control Center Localization Japanese
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}"=Ventrilo Client
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}"=TOSHIBA ConfigFree
"{7994AA46-4BA6-4349-1606-1DF4148CE05B}"=CCC Help Hungarian
"{7AFBAC39-F6A8-9F8D-6A6D-F134F7E34B6E}"=Catalyst Control Center Localization Danish
"{8154ADFC-B51E-493A-BDF5-2866B5B81279}"=Live Search Club Toolbar
"{845D19A7-0BBF-12DF-87CF-F5D468930EA6}"=Catalyst Control Center Localization Czech
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}"=Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8943CE61-53BD-475E-90E1-A580869E98A2}"=staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}"=ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}"=kgcvday
"{8DC42D05-680B-41B0-8878-6C14D24602DB}"=QuickTime
"{8E92D746-CD9F-4B90-9668-42B74C14F765}"=ESSini
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90BF970B-3335-CFD5-711C-9FE0310A97C0}"=CCC Help Greek
"{91120000-0011-0000-0000-0000000FF1CE}"=Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}"=Security Update for 2007 Microsoft Office System (KB951596)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{4AD3A076-427C-491F-A5B7-7D1DE788A756}"=Update for Microsoft Office Outlook 2007 (KB952142)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{558B709B-821B-4FC5-90FC-9A8890641E77}"=Security Update for Microsoft Office PowerPoint 2007 (KB951338)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{5F7F6FFF-395D-480E-8450-64F385D82C5F}"=Security Update for Microsoft Office system 2007 (KB954326)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}"=Security Update for Visio 2007 (KB947590)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}"=Security Update for Microsoft Office Excel 2007 (KB951546)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}"=Security Update for 2007 Microsoft Office System (KB951944)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}"=Security Update for Microsoft Office system 2007 (KB951808)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{96CC215F-3F22-4E1E-A101-F0041934A456}"=Update for Outlook 2007 Junk Email Filter (kb956080)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{A420F522-7395-4872-9882-C591B4B92278}"=Update for Office 2007 (KB946691)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{AD72BABE-C733-4FCF-9674-4314466191B9}"=Security Update for Microsoft Office Word 2007 (KB950113)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}"=Security Update for Microsoft Office Publisher 2007 (KB950114)
"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}"=Security Update for 2007 Microsoft Office System (KB951596)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{558B709B-821B-4FC5-90FC-9A8890641E77}"=Security Update for Microsoft Office PowerPoint 2007 (KB951338)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5F7F6FFF-395D-480E-8450-64F385D82C5F}"=Security Update for Microsoft Office system 2007 (KB954326)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}"=Security Update for Visio 2007 (KB947590)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}"=Security Update for Microsoft Office Excel 2007 (KB951546)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}"=Security Update for 2007 Microsoft Office System (KB951944)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}"=Security Update for Microsoft Office system 2007 (KB951808)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}"=Update for Office 2007 (KB946691)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD72BABE-C733-4FCF-9674-4314466191B9}"=Security Update for Microsoft Office Word 2007 (KB950113)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4}"=Security Update for Microsoft Office OneNote 2007 (KB950130)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}"=ESSgui
"{926593ED-3962-4630-7CE3-34FF1B4ACCF3}"=Catalyst Control Center Localization Finnish
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}"=VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}"=kgcinvt
"{9EB0D4D4-87A5-52F5-C59C-159F81BED0E6}"=Catalyst Control Center Graphics Previews Vista
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}"=ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}"=CD/DVD Drive Acoustic Silencer
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}"=kgcmove
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}"=Trend Micro Internet Security
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{A91383E9-0311-DB40-6AF6-3F9E80F83E84}"=Catalyst Control Center Localization Portuguese
"{AA9768AA-FF0B-4C66-A085-31E934F77841}"=Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}"=ESSCDBK
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B1211E68-4DA2-7942-BE75-14272A8C1EA9}"=Catalyst Control Center Localization Dutch
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}"=OfotoXMI
"{B1F8FA80-EFA5-EC12-AD36-F5266EF90B61}"=CCC Help Danish
"{B4369E44-8703-E769-A711-40EE5000AC2C}"=Catalyst Control Center Core Implementation
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}"=CCScore
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}"=Microsoft XML Parser
"{B7DE7B5E-4A2B-B709-E133-EC74C81E654A}"=Catalyst Control Center Graphics Full New
"{B87A3B9F-7632-E053-2148-8EDD1A787B78}"=Catalyst Control Center Localization Chinese Standard
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}"=MSXML 4.0 SP2 (KB936181)
"{C523D256-313D-4866-B36A-F3DE528246EF}"=MSXML 4.0 SP2 (KB941833)
"{C7EA6173-A2B8-D45E-A0EE-74F8D2C58D30}"=Catalyst Control Center Localization Hungarian
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}"=Bluetooth Stack for Windows by Toshiba
"{D1C3920F-1DC3-A2FA-BF5E-7497B5EF072E}"=Catalyst Control Center Localization Norwegian
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}"=Kodak EasyShare software
"{D5462C8A-D08C-4163-8293-82F2E11A2760}"=Trend Micro TrendProtect for Internet Explorer
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}"=Windows Live Toolbar
"{D95AAA04-9BEF-54B3-CD70-348AC1155DAB}"=Catalyst Control Center Graphics Full Existing
"{D9C7C58C-AC51-EDBF-CF22-E4E1B93ED50D}"=Skins
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}"=SFR
"{DB780B85-B4B5-4864-A49C-9B706B169C93}"=TIPCI
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
"{DDC4619D-1DC8-C2A7-4968-45586F237131}"=CCC Help Norwegian
"{E015B7D9-01AD-FE29-052A-489F4F29ED7F}"=Catalyst Control Center Graphics Light
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}"=kgcbaby
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}"=Windows Media Encoder 9 Series
"{E7511B20-2857-3F50-1B84-F0F32C519FE1}"=CCC Help Chinese Traditional
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}"=tooltips
"{EB5BE9DE-6025-6227-0C25-AE5C852EC479}"=Catalyst Control Center Localization Polish
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}"=TOSHIBA SD Memory Utilities
"{EC28331A-FF2B-6D66-D8A0-32C706AEA120}"=CCC Help Spanish
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}"=TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}"=DVD MovieFactory for TOSHIBA
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}"=kgcbase
"{F2B27034-6059-0549-F01A-4BD9865521B1}"=Catalyst Control Center Localization French
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}"=SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}"=WIRELESS
"{FBE6B550-A93E-AA46-1DBB-421EC319E2DA}"=Catalyst Control Center Localization Italian
"{FCDB1C92-03C6-4C76-8625-371224256091}"=ESSPDock
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player 11
"AIM Broadcaster 1.1.0.0"=AIM Broadcaster 1.1.0.0
"AIM MusicLink 2.1.0.5"=AIM MusicLink 2.1.0.5
"AIM_6"=AIM 6
"ATI Uninstaller"=ATI Uninstaller
"Canon iP1700 User Registration"=Canon iP1700 User Registration
"CanonMyPrinter"=Canon My Printer
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"Desktop Dialer"=Desktop Dialer
"Easy-PhotoPrint"=Canon Utilities Easy-PhotoPrint
"Easy-WebPrint"=Easy-WebPrint
"filehippo.com"=filehippo.com Update Checker
"Google Updater"=Google Updater
"HijackThis"=HijackThis 2.0.2
"HOMESTUDENTR"=Microsoft Office Home and Student 2007
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}"=Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}"=TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}"=TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}"=TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}"=TOSHIBA Flash Cards Support Utility
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}"=Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"KB931906"=Security Update for CAPICOM (KB931906)
"KB954156"=Security Update for Windows Media Encoder (KB954156)
"LastFM_is1"=Last.fm 1.5.1.29527
"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)
"Music Rescue_is1"=Music Rescue 3.1.6
"Picasa2"=Picasa 2
"PreCast"=Ocucom PreCast 1.5
"PROPLUSR"=Microsoft Office Professional Plus 2007
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"TOSHIBA Game Console"=TOSHIBA Game Console
"TOSHIBA Media Center Game Console"=TOSHIBA Media Center Game Console
"TOSHIBA Software Modem"=TOSHIBA Software Modem
"TwitterMan Widget 3.0"=TwitterMan Widget 3.0
"Windows Live Toolbar"=Windows Live Toolbar
"Windows Media Encoder 9"=Windows Media Encoder 9 Series
"WinRAR archiver"=WinRAR archiver
"World of Warcraft"=World of Warcraft
"WT022084"=Bejeweled 2 Deluxe
"WT022085"=Blackhawk Striker 2
"WT022086"=Blasterball 3
"WT022087"=Diner Dash - Flo on the Go
"WT022089"=FATE
"WT022090"=Mah Jong Quest
"WT022091"=Penguins!
"WT022092"=Polar Bowler
"WT022093"=Polar Golfer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/4/2008 6:42:54 PM | Computer Name = Blane-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: cac Start Time: 01c90edac7909f60 Termination Time: 0

Error - 9/4/2008 11:41:22 PM | Computer Name = Blane-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/7/2008 11:04:13 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:13 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:14 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:14 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:14 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:17 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:17 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/8/2008 12:43:48 AM | Computer Name = Blane-PC | Source = EventSystem | ID = 4621
Description =

[ Media Center Events ]
Error - 12/9/2007 12:51:32 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/11/2007 4:42:18 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/12/2007 12:58:45 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/16/2007 8:42:23 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/15/2008 8:54:04 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/18/2008 12:06:04 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/22/2008 7:04:53 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/26/2008 3:43:42 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/30/2008 2:52:00 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/31/2008 9:39:03 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

[ System Events ]
Error - 9/16/2008 11:58:33 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2008 11:58:33 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/17/2008 12:25:51 AM | Computer Name = Blane-PC | Source = DCOM | ID = 10010
Description =

Error - 9/17/2008 1:30:37 PM | Computer Name = Blane-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 9/17/2008 1:30:44 PM | Computer Name = Blane-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 9/17/2008 1:30:59 PM | Computer Name = Blane-PC | Source = HTTP | ID = 15021
Description =

Error - 9/17/2008 1:30:59 PM | Computer Name = Blane-PC | Source = HTTP | ID = 15016
Description =

Error - 9/17/2008 1:31:27 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/17/2008 1:31:27 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/17/2008 1:47:21 PM | Computer Name = Blane-PC | Source = BROWSER | ID = 8032
Description =


< End of report >

#8 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 17 September 2008 - 02:11 PM

hi,

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u7-windows-i586-p.exe to install the newest version.

It's been 12 days and no response. My computer is really acting up. Please analyze my HJT log.

this is rather unspecific. i need clear details to help you as the logs you have posted thus far do not show anything that alows for the rough suggestion you made above.

thanks!

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#9 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 18 September 2008 - 11:35 AM

Im posting my logs again so you can make sure I did the java installation and deleting right...

OTViewIt logfile created on: 9/18/2008 12:21:01 PM - Run 4
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Users\Blane\Desktop
Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 65.33% Memory free
3.98 Gb Paging File | 3.22 Gb Available in Paging File | 80.88% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 138.14 Gb Free Space | 59.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLANE-PC
Current User Name: Blane
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
Files within: 90 Days

========== Processes - Non-Microsoft Only ==========

[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
[12/25/2007 12:23:09 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
[12/25/2007 12:23:19 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[07/29/2008 14:24:36 | 00,698,888 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
[01/25/2007 20:50:26 | 00,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
[07/29/2008 14:24:38 | 01,398,024 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
[07/19/2008 01:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[09/17/2008 14:08:12 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe

========== (O23) Win32 Services - Non-Microsoft Only ==========

File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[09/11/2008 17:42:36 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger [Auto | Running])
[12/25/2007 12:23:09 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
[12/25/2007 12:23:19 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB [Auto | Running])
File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
[07/29/2008 14:24:36 | 00,698,888 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
[01/25/2007 20:50:26 | 00,063,096 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr [Auto | Running])
File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Running])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Running])

========== Driver Services - Non-Microsoft Only ==========

File not found -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
File not found -- -- (CLFS [Unknown | Running])
[08/01/2008 21:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
File not found -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
File not found -- C:\Windows\system32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv [Boot | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
[07/22/2008 07:42:34 | 00,123,904 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169 [On_Demand | Running])
File not found -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd [On_Demand | Stopped])
[07/18/2008 19:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt [Auto | Running])
[07/18/2008 19:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt [Auto | Running])
File not found -- C:\Windows\System32\DRIVERS\TpChoice.sys -- (TpChoice [On_Demand | Stopped])
[07/18/2008 18:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint [Auto | Running])


========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Secondary Start Pages"=
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://g.msn.com/1me10enus/2

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Local Page"=C:\Windows\system32\blank.htm
"Search Page"=http://www.google.com
"SearchDefaultBranded"=
"Start Page"=http://g.msn.com/1me10enus/2
"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://g.msn.com/1me10enus/2
"Local Page"=C:\Windows\system32\blank.htm
"Search Page"=http://www.google.com
"SearchDefaultBranded"=
"Start Page"=http://g.msn.com/1me10enus/2
"StartPageCache"=

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/keyword/%s

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
::1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} (HKLM) -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{C1656CCA-D2EA-4A32-94AE-AE0B180E6449} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{0BF43445-2F28-4351-9252-17FE6E806AA0}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{327C2873-E90D-4c37-AA9D-10AC9BABA46C}" (HKLM) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{719D74AB-1AF9-43a1-8C62-D8750628D93E}" (HKLM) -- C:\Program Files\Live Search Club Toolbar\Toolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{E7620C98-FCCC-40E5-92EC-C7685D2E1E40}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" (Trend Micro Inc.)

========== (O6 & O7) Current Version Policies ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0



"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17





========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [07/03/2008 16:08:56 | 17,929,752 | ---- | M] (Microsoft Corporation)
Easy-WebPrint Add To Print List: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint High Speed Print: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint Preview: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()
Easy-WebPrint Print: C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [04/18/2006 19:05:46 | 00,552,960 | ---- | M] ()

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}: AIM -- File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
microsoft.com\www.update: https in Computer
1 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3710417837-1379984046-1947269662-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
microsoft.com\www.update: https in Computer
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/Facebo...toUploader5.cab -- Facebook Photo Uploader 5
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD}: http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB -- TSEasyInstallX Control
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07

========== (O17) DNS Name Servers ==========

{A4A1F10A-4221-42B4-917B-1D53A08A2BBB} (Servers: | Description: Atheros AR5007EG Wireless Network Adapter)
{AF340AEF-21E4-4D7E-8F5A-179591069F18} (Servers: | Description: Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0))

========== (O21) SSODL Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} (HKLM) -- C:\Windows\System32\webcheck.dll (Microsoft Corporation)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
>File not found --
>File not found --
>File not found --

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[09/18/2006 17:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{270afc2d-b2fe-11dc-ae41-001b38154a9c}\Shell\AutoRun\command]
""=E:\InstallTomTomHOME.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ec4adbe-865c-11dc-9a14-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ec4adbe-865c-11dc-9a14-001b38154a9c}\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f4b11b0-5f0b-11dc-bbb9-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f4b11b0-5f0b-11dc-bbb9-001b38154a9c}\Shell\AutoRun\command]
""=E:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a78fa3d4-9075-11dc-a305-001b38154a9c}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a78fa3d4-9075-11dc-a305-001b38154a9c}\Shell\AutoRun\command]
""=F:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command]
""=E:\LaunchU3.exe -- File not found



========== Files/Folders - Created Within 90 days ==========

[1 C:\Windows\*.tmp files]
[06/23/2008 21:29:39 | 00,090,668 | ---- | C] () -- C:\Windows\System32\vobis32.dll
[07/09/2008 00:00:10 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[07/09/2008 00:00:10 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll
[07/09/2008 00:00:10 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[07/09/2008 00:00:11 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll
[07/09/2008 00:00:11 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[07/09/2008 00:00:11 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe
[07/09/2008 00:00:11 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[07/09/2008 00:00:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[07/09/2008 00:00:14 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[07/09/2008 00:00:14 | 00,891,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[07/09/2008 00:00:15 | 03,549,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[07/09/2008 00:00:15 | 03,600,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[07/09/2008 00:00:16 | 00,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
[07/09/2008 00:00:26 | 11,580,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
[07/11/2008 23:18:34 | 00,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[07/11/2008 23:19:05 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[07/11/2008 23:19:14 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[07/16/2008 13:34:46 | 00,427,864 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedZip.dll
[07/16/2008 13:34:46 | 00,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[07/16/2008 13:34:46 | 01,686,016 | ---- | C] (Clever Components) -- C:\Windows\System32\clinetsuitex6.ocx
[07/21/2008 05:08:40 | 00,009,728 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\RtNicProp32.dll
[07/22/2008 07:42:34 | 00,123,904 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[07/22/2008 10:55:43 | 00,001,885 | ---- | C] () -- C:\Users\Blane\Desktop\HijackThis.lnk
[08/08/2008 14:41:05 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[08/08/2008 14:41:05 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[08/08/2008 14:41:05 | 00,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[08/08/2008 14:41:05 | 01,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[08/08/2008 14:41:06 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[08/08/2008 14:41:06 | 00,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[08/08/2008 14:41:06 | 01,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[08/08/2008 14:41:07 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[08/08/2008 14:41:07 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[08/08/2008 14:41:08 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[08/08/2008 14:41:08 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[08/08/2008 14:41:08 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[08/08/2008 14:41:08 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[08/08/2008 14:41:08 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[08/08/2008 14:41:08 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[08/08/2008 14:41:09 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[08/08/2008 14:41:09 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[08/08/2008 14:41:11 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[08/08/2008 14:41:11 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[08/08/2008 14:41:11 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[08/08/2008 14:41:11 | 00,754,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
[08/08/2008 14:41:12 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[08/08/2008 14:41:12 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[08/08/2008 14:41:12 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[08/08/2008 14:41:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[08/08/2008 14:41:12 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[08/08/2008 14:41:12 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[08/08/2008 14:41:14 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[08/08/2008 14:41:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[08/08/2008 14:41:16 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[08/08/2008 14:41:16 | 00,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[08/14/2008 16:50:42 | 00,738,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[08/14/2008 16:51:03 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[08/14/2008 16:51:06 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[08/14/2008 17:28:22 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[08/19/2008 20:46:34 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[08/30/2008 13:03:28 | 00,001,807 | ---- | C] () -- C:\Users\Public\Desktop\AIM 6.lnk
[09/04/2008 14:11:49 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[09/04/2008 14:11:49 | 00,163,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[09/04/2008 14:12:17 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[09/04/2008 14:12:17 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[09/04/2008 14:12:18 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[09/04/2008 14:13:48 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[09/04/2008 14:13:49 | 00,045,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[09/04/2008 14:13:49 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[09/04/2008 14:13:49 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[09/04/2008 18:49:32 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[09/09/2008 18:16:03 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[09/09/2008 18:16:03 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[09/09/2008 18:16:03 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[09/09/2008 18:16:03 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[09/09/2008 18:16:03 | 00,565,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[09/09/2008 18:16:03 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[09/09/2008 18:16:08 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[09/09/2008 18:19:37 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[09/09/2008 18:19:37 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[09/12/2008 14:22:25 | 00,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[09/12/2008 14:56:02 | 00,002,231 | ---- | C] () -- C:\Users\Blane\Desktop\iTunes.lnk
[09/14/2008 01:10:27 | 05,699,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[09/14/2008 01:10:27 | 11,985,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[09/14/2008 01:10:28 | 01,415,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[09/14/2008 01:10:29 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[09/14/2008 01:10:29 | 00,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[09/14/2008 01:10:29 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[09/14/2008 01:10:30 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[09/14/2008 01:10:30 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[09/14/2008 01:10:30 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[09/14/2008 01:10:30 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[09/14/2008 01:10:30 | 03,670,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[09/14/2008 01:10:31 | 00,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[09/14/2008 01:10:31 | 01,778,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[09/14/2008 01:10:32 | 00,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[09/14/2008 01:10:33 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[09/14/2008 01:10:33 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[09/14/2008 01:10:33 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[09/14/2008 01:10:33 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[09/14/2008 01:10:33 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[09/14/2008 01:10:33 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[09/14/2008 01:10:33 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[09/14/2008 01:10:33 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[09/14/2008 01:10:33 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[09/14/2008 01:10:33 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[09/14/2008 01:10:34 | 00,056,413 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[09/14/2008 01:10:34 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[09/14/2008 01:10:34 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[09/14/2008 01:10:34 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[09/14/2008 01:10:34 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[09/14/2008 01:10:34 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[09/14/2008 01:10:34 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[09/14/2008 01:10:34 | 00,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[09/14/2008 01:10:35 | 00,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[09/14/2008 01:10:36 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[09/14/2008 01:10:36 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[09/14/2008 01:10:36 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[09/14/2008 01:10:36 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[09/14/2008 01:10:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[09/14/2008 01:10:36 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[09/14/2008 01:10:36 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[09/14/2008 01:10:37 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[09/14/2008 01:10:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[09/14/2008 01:10:37 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[09/14/2008 01:10:37 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[09/14/2008 01:10:37 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrivacIE.dll
[09/14/2008 01:10:37 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[09/14/2008 01:10:37 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[09/14/2008 01:10:37 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[09/14/2008 01:10:37 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[09/14/2008 01:10:37 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[09/14/2008 01:10:37 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[09/14/2008 01:10:38 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[09/14/2008 01:10:38 | 01,659,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[09/17/2008 14:08:02 | 00,424,448 | ---- | C] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe

========== Files - Modified Within 90 days ==========

[1 C:\Windows\*.tmp files]
[06/22/2008 12:39:12 | 00,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\tmvsthfss.bin
[06/22/2008 12:39:12 | 00,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\tmvsthfud.bin
[06/25/2008 21:45:43 | 12,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[06/25/2008 21:45:55 | 02,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[06/25/2008 23:29:02 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[06/25/2008 23:29:02 | 00,565,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll
[06/25/2008 23:29:06 | 00,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[06/25/2008 23:29:09 | 00,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[07/15/2008 21:32:44 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[07/18/2008 18:51:32 | 01,195,448 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\vsapint.sys
[07/18/2008 19:08:32 | 00,036,368 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmpreflt.sys
[07/18/2008 19:08:38 | 00,205,328 | ---- | M] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmxpflt.sys
[07/18/2008 20:44:32 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[07/18/2008 22:08:18 | 00,163,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[07/18/2008 23:44:12 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[07/18/2008 23:44:52 | 01,524,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[07/19/2008 01:09:40 | 01,811,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[07/19/2008 01:09:42 | 00,563,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[07/19/2008 01:10:18 | 00,036,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[07/19/2008 01:10:39 | 00,045,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[07/19/2008 01:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[07/21/2008 05:08:40 | 00,009,728 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\RtNicProp32.dll
[07/22/2008 07:42:34 | 00,123,904 | ---- | M] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[07/22/2008 10:55:43 | 00,001,885 | ---- | M] () -- C:\Users\Blane\Desktop\HijackThis.lnk
[07/30/2008 01:58:07 | 03,670,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[07/30/2008 21:13:15 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[07/30/2008 23:32:38 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[08/01/2008 21:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[08/01/2008 23:26:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[08/19/2008 20:46:34 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[08/22/2008 05:42:21 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[08/22/2008 05:49:54 | 00,056,413 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[08/22/2008 05:57:54 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[08/22/2008 05:58:10 | 00,181,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[08/22/2008 06:04:49 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[08/22/2008 06:04:53 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[08/22/2008 06:04:56 | 01,659,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[08/22/2008 06:04:58 | 00,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PrivacIE.dll
[08/22/2008 06:04:59 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[08/22/2008 06:05:06 | 00,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[08/22/2008 06:05:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[08/22/2008 06:05:12 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[08/22/2008 06:05:13 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[08/22/2008 06:05:14 | 00,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[08/22/2008 06:05:19 | 00,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[08/22/2008 06:05:20 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[08/22/2008 06:05:21 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[08/22/2008 06:05:22 | 00,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[08/22/2008 06:05:33 | 00,630,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[08/22/2008 06:05:47 | 00,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[08/22/2008 06:05:57 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[08/22/2008 06:06:01 | 01,778,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[08/22/2008 06:06:04 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[08/22/2008 06:06:14 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[08/22/2008 06:06:15 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[08/22/2008 06:06:19 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[08/22/2008 06:06:22 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[08/22/2008 06:06:23 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[08/22/2008 06:06:23 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[08/22/2008 06:06:28 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[08/22/2008 06:06:28 | 00,552,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[08/22/2008 06:06:34 | 00,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[08/22/2008 06:06:39 | 00,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[08/22/2008 06:06:43 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[08/22/2008 06:06:49 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[08/22/2008 06:06:50 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[08/22/2008 06:06:51 | 00,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[08/22/2008 06:06:52 | 00,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[08/22/2008 06:06:57 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[08/22/2008 06:07:06 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[08/22/2008 06:07:48 | 00,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[08/22/2008 06:07:49 | 00,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[08/22/2008 06:07:57 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[08/22/2008 06:07:59 | 00,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[08/22/2008 06:08:05 | 00,878,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[08/22/2008 06:08:06 | 00,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[08/22/2008 06:08:20 | 00,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[08/22/2008 06:08:32 | 01,415,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[08/22/2008 06:08:41 | 00,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[08/22/2008 06:10:33 | 11,985,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[08/23/2008 15:49:20 | 00,798,720 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[08/26/2008 16:28:12 | 16,208,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[08/28/2008 23:17:20 | 00,001,356 | ---- | M] () -- C:\Users\Blane\AppData\Local\d3d9caps.dat
[08/30/2008 13:03:28 | 00,001,807 | ---- | M] () -- C:\Users\Public\Desktop\AIM 6.lnk
[08/30/2008 13:03:47 | 00,002,485 | -H-- | M] () -- C:\IPH.PH
[09/04/2008 18:49:32 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[09/09/2008 18:43:09 | 00,102,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[09/09/2008 18:43:09 | 00,598,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[09/09/2008 18:43:09 | 00,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[09/10/2008 20:13:40 | 00,001,735 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[09/12/2008 14:22:25 | 00,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Kodak EasyShare.lnk
[09/12/2008 14:36:06 | 00,431,104 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[09/14/2008 17:45:12 | 00,002,231 | ---- | M] () -- C:\Users\Blane\Desktop\iTunes.lnk
[09/17/2008 00:04:15 | 00,002,838 | ---- | M] () -- C:\Windows\machine.ver
[09/17/2008 00:05:29 | 00,000,067 | ---- | M] () -- C:\Windows\swupdate.INI
[09/17/2008 14:08:12 | 00,424,448 | ---- | M] (OldTimer Tools) -- C:\Users\Blane\Desktop\OTViewIt.exe
[09/17/2008 18:12:39 | 03,102,478 | -H-- | M] () -- C:\Users\Blane\AppData\Local\IconCache.db
[09/18/2008 12:09:05 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[09/18/2008 12:09:10 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[09/18/2008 12:09:16 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[09/18/2008 12:09:16 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[09/18/2008 12:10:19 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5FB3E98B-E53E-4B97-9B05-F3D3A13707A8}.job
[09/18/2008 12:11:07 | 00,000,254 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job

< End of report >

OTViewIt Extras logfile created on: 9/18/2008 12:21:01 PM - Run Blane
OTViewIt by OldTimer - Version 1.0.5.0 Folder = C:\Users\Blane\Desktop
Windows Vista Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18241)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 65.33% Memory free
3.98 Gb Paging File | 3.22 Gb Available in Paging File | 80.88% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 138.14 Gb Free Space | 59.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BLANE-PC
Current User Name: Blane
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
Files within: 90 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
"AutoUpdateDisableNotify"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
"VistaSp1"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3710417837-1379984046-1947269662-1000]
"EnableNotifications"=0
"EnableNotificationsRef"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[01/25/2007 20:47:50 | 00,136,816 | ---- | M] () -- C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
@ivt -- @ivt protocol not assigned
file -- file protocol not assigned
ftp -- ftp protocol not assigned
http -- http protocol not assigned
https -- https protocol not assigned
shell -- shell protocol not assigned

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (about:{3050F406-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML About Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (cdl:{3dd53d40-7b8b-11D0-b013-00aa0059ce02} (HKLM) [CDL: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (file:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (ftp:{79eac9e3-baf9-11ce-8c82-00aa004ba90b} (HKLM) [ftp: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (http:{79eac9e2-baf9-11ce-8c82-00aa004ba90b} (HKLM) [http: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (https:{79eac9e5-baf9-11ce-8c82-00aa004ba90b} (HKLM) [https: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (java script:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (local:{79eac9e7-baf9-11ce-8c82-00aa004ba90b} (HKLM) [file:, local: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (mailto:{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Mailto Pluggable Protocol])
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll (mk:{79eac9e6-baf9-11ce-8c82-00aa004ba90b} (HKLM) [mk: Asychronous Pluggable Protocol Handler])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (res:{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Resource Pluggable Protocol])
[08/22/2008 06:09:30 | 05,699,584 | ---- | M] (Microsoft Corporation) C:\Windows\System32\mshtml.dll (vbscript:{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} (HKLM) [Microsoft HTML Javascript Pluggable Protocol])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll deflate:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]
[08/22/2008 06:08:20 | 01,206,784 | ---- | M] (Microsoft Corporation) C:\Windows\System32\urlmon.dll gzip:{8f6b0360-b80d-11d0-a9b3-006097942311} (HKLM) [AP encoding/decoding Filters]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
"{003B5184-F3DF-AF76-CB17-D35B7BB46B81}"=CCC Help Japanese
"{008D69EB-70FF-46AB-9C75-924620DF191A}"=TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03EDED24-8375-407D-A721-4643D9768BE1}"=kgchlwn
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}"=Battlefield 2: Deluxe Edition
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}"=ESSSONIC
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}"=OpenOffice.org Installer 1.0
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}"=Security Update for CAPICOM (KB931906)
"{0F6932CF-E642-5A7A-8194-3F7443188287}"=CCC Help Turkish
"{103A43D9-9ED8-E78D-7BF1-E536DFE6FC9F}"=Catalyst Control Center Localization Greek
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1700"=Canon iP1700
"{11F3F858-4131-4FFA-A560-3FE282933B6E}"=kgchday
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}"=Utility Common Driver
"{12887AF2-AE16-34CC-E85C-637DF6911C8C}"=Catalyst Control Center Localization Turkish
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}"=TOSHIBA Assist
"{13614186-B0A0-AA21-F75A-2097F9167DB8}"=CCC Help Portuguese
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}"=ESSPCD
"{177B615E-47B1-C1C4-6F3B-7D6FEB8D4564}"=CCC Help Thai
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}"=Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{26210745-925C-8AE4-F3B9-5FA737A1F6F2}"=CCC Help Russian
"{2768CDA5-57DA-59D4-884F-A0F8A5B36D3E}"=CCC Help Finnish
"{28006915-2739-4EBE-B5E8-49B25D32EB33}"=Atheros Driver Installation Program
"{29DC966A-DA3E-3ED4-68E7-6D3D9A055B42}"=Catalyst Control Center Localization Korean
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}"=essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}"=Rhapsody Player Engine
"{2E7A9DDC-E062-0074-08AB-DE7D1B431F75}"=Catalyst Control Center Localization Chinese Traditional
"{2FAE3800-CC47-C556-C57F-A91851BF7854}"=CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java™ 6 Update 7
"{33824DAC-3F98-0BB6-56D5-7DE1A3CCC068}"=Catalyst Control Center Localization German
"{3621A2DF-0870-FE7E-674F-1DBCB18C5D22}"=ccc-utility
"{37477865-A3F1-4772-AD43-AAFC6BCFF99F}"=MSXML 4.0 SP2 (KB927978)
"{37C866E4-AA67-4725-9E95-A39968DD7960}"=Camera Assistant Software for Toshiba
"{3F11CE8A-388B-0D3A-DF6F-061F23A13D26}"=CCC Help Korean
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}"=TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}"=ATI Catalyst Install Manager
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}"=iTunes
"{41DD15BE-811D-7DEF-19A9-30AF18F75EFF}"=Catalyst Control Center Localization Thai
"{425A2BC2-AA64-4107-9C29-484245BBEA05}"=TOSHIBA Software Upgrades
"{42938595-0D83-404D-9F73-F8177FDD531A}"=ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}"=netbrdg
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}"=Windows Live Messenger
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}"=TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}"=TOSHIBA Hardware Setup
"{52F368DE-06BD-E116-9233-D1DE207BDFE6}"=CCC Help Dutch
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}"=skin0001
"{53BABC75-1DC1-479B-224B-1EB9E18A799B}"=CCC Help German
"{56797214-1A4C-052E-1ECE-B00308BF3362}"=CCC Help Chinese Standard
"{56DF5C9E-6392-46D3-B366-297B14E1DAAF}"=Bonjour Core for Windows
"{572D71E9-5102-74B3-5D22-DEDF911F7FE5}"=CCC Help Italian
"{5BA0C9F0-3B01-91A3-6922-4DCF943D9CBE}"=CCC Help English
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}"=TOSHIBA Disc Creator
"{605A4E39-613C-4A12-B56F-DEFBE6757237}"=SHASTA
"{6080CE3C-2CB3-2FA3-1CE2-3350B06664BC}"=CCC Help Swedish
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}"=fflink
"{611E35B8-7F46-DDBB-CC4F-FAAED6C054FF}"=Catalyst Control Center Localization Spanish
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}"=TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}"=TOSHIBA Flash Cards Support Utility
"{621FCD24-4498-4324-A81E-07D331376EDF}"=PixiePack Codec Pack
"{643EAE81-920C-4931-9F0B-4B343B225CA6}"=ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}"=Activation Assistant for the 2007 Microsoft Office suites
"{678F1F2D-F214-08D4-67FB-AC04316C4940}"=ccc-core-static
"{693C08A7-9E76-43FF-B11E-9A58175474C4}"=kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin
"{6A0B868C-89BE-ACF1-8C0A-CC88878A9E46}"=Catalyst Control Center Localization Russian
"{6C4734CF-A10C-DFF4-5565-457F33849862}"=Catalyst Control Center Localization Swedish
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}"=TOSHIBA DVD PLAYER
"{6D52C408-B09A-4520-9B18-475B81D393F1}"=Microsoft Works
"{6DA9102E-199F-43A0-A36B-6EF48081A658}"=MobileMe Control Panel
"{6DECCD60-782D-7B14-22DE-FB8D6EA46433}"=CCC Help Polish
"{715044AC-B95E-4CD0-9B0C-CEDDB422F93B}"=CCC Help Czech
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}"=Trend Micro Internet Security
"{724A8BEC-B350-1C76-C580-959AEA487108}"=Catalyst Control Center Localization Japanese
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{789289CA-F73A-4A16-A331-54D498CE069F}"=Ventrilo Client
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}"=TOSHIBA ConfigFree
"{7994AA46-4BA6-4349-1606-1DF4148CE05B}"=CCC Help Hungarian
"{7AFBAC39-F6A8-9F8D-6A6D-F134F7E34B6E}"=Catalyst Control Center Localization Danish
"{8154ADFC-B51E-493A-BDF5-2866B5B81279}"=Live Search Club Toolbar
"{845D19A7-0BBF-12DF-87CF-F5D468930EA6}"=Catalyst Control Center Localization Czech
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}"=Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8943CE61-53BD-475E-90E1-A580869E98A2}"=staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}"=ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}"=kgcvday
"{8DC42D05-680B-41B0-8878-6C14D24602DB}"=QuickTime
"{8E92D746-CD9F-4B90-9668-42B74C14F765}"=ESSini
"{90120000-0015-0409-0000-0000000FF1CE}"=Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}"=Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}"=Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUSR_{3EC77D26-799B-4CD8-914F-C1565E796173}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUSR_{430971B1-C31E-45DA-81E0-72C095BAB72C}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUSR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}"=Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}"=Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUSR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}"=Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}"=Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUSR_{FAD8A83E-9BAC-4179-9268-A35948034D85}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}"=Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUSR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90BF970B-3335-CFD5-711C-9FE0310A97C0}"=CCC Help Greek
"{91120000-0011-0000-0000-0000000FF1CE}"=Microsoft Office Professional Plus 2007
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}"=Security Update for 2007 Microsoft Office System (KB951596)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{4AD3A076-427C-491F-A5B7-7D1DE788A756}"=Update for Microsoft Office Outlook 2007 (KB952142)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{558B709B-821B-4FC5-90FC-9A8890641E77}"=Security Update for Microsoft Office PowerPoint 2007 (KB951338)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{5F7F6FFF-395D-480E-8450-64F385D82C5F}"=Security Update for Microsoft Office system 2007 (KB954326)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}"=Security Update for Visio 2007 (KB947590)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}"=Security Update for Microsoft Office Excel 2007 (KB951546)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}"=Security Update for 2007 Microsoft Office System (KB951944)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}"=Security Update for Microsoft Office system 2007 (KB951808)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{96CC215F-3F22-4E1E-A101-F0041934A456}"=Update for Outlook 2007 Junk Email Filter (kb956080)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{A420F522-7395-4872-9882-C591B4B92278}"=Update for Office 2007 (KB946691)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{AD72BABE-C733-4FCF-9674-4314466191B9}"=Security Update for Microsoft Office Word 2007 (KB950113)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}"=Security Update for Microsoft Office Publisher 2007 (KB950114)
"{91120000-002F-0000-0000-0000000FF1CE}"=Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1AFF2298-CC00-4A3B-866A-C62B8373794E}"=Security Update for 2007 Microsoft Office System (KB951596)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{558B709B-821B-4FC5-90FC-9A8890641E77}"=Security Update for Microsoft Office PowerPoint 2007 (KB951338)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5F7F6FFF-395D-480E-8450-64F385D82C5F}"=Security Update for Microsoft Office system 2007 (KB954326)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6BAD036C-261F-4BEF-96CF-C20678D07A41}"=Security Update for Visio 2007 (KB947590)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}"=Security Update for Microsoft Office Excel 2007 (KB951546)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{797AE457-BA17-4BBC-B501-25FB3A0103C7}"=Security Update for 2007 Microsoft Office System (KB951944)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}"=Security Update for Microsoft Office system 2007 (KB951808)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}"=Update for Office 2007 (KB946691)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD72BABE-C733-4FCF-9674-4314466191B9}"=Security Update for Microsoft Office Word 2007 (KB950113)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}"=2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4}"=Security Update for Microsoft Office OneNote 2007 (KB950130)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}"=ESSgui
"{926593ED-3962-4630-7CE3-34FF1B4ACCF3}"=Catalyst Control Center Localization Finnish
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{999D43F4-9709-4887-9B1A-83EBB15A8370}"=VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}"=kgcinvt
"{9EB0D4D4-87A5-52F5-C59C-159F81BED0E6}"=Catalyst Control Center Graphics Previews Vista
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}"=ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}"=CD/DVD Drive Acoustic Silencer
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}"=kgcmove
"{A621B45A-D138-4A95-BE10-7CABA05EF94E}"=Trend Micro Internet Security
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}"=Windows Live installer
"{A91383E9-0311-DB40-6AF6-3F9E80F83E84}"=Catalyst Control Center Localization Portuguese
"{AA9768AA-FF0B-4C66-A085-31E934F77841}"=Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}"=ESSCDBK
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Windows Live Sign-in Assistant
"{B1211E68-4DA2-7942-BE75-14272A8C1EA9}"=Catalyst Control Center Localization Dutch
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}"=OfotoXMI
"{B1F8FA80-EFA5-EC12-AD36-F5266EF90B61}"=CCC Help Danish
"{B4369E44-8703-E769-A711-40EE5000AC2C}"=Catalyst Control Center Core Implementation
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}"=CCScore
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}"=Microsoft XML Parser
"{B7DE7B5E-4A2B-B709-E133-EC74C81E654A}"=Catalyst Control Center Graphics Full New
"{B87A3B9F-7632-E053-2148-8EDD1A787B78}"=Catalyst Control Center Localization Chinese Standard
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}"=MSXML 4.0 SP2 (KB936181)
"{C523D256-313D-4866-B36A-F3DE528246EF}"=MSXML 4.0 SP2 (KB941833)
"{C7EA6173-A2B8-D45E-A0EE-74F8D2C58D30}"=Catalyst Control Center Localization Hungarian
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}"=Bluetooth Stack for Windows by Toshiba
"{D1C3920F-1DC3-A2FA-BF5E-7497B5EF072E}"=Catalyst Control Center Localization Norwegian
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}"=Kodak EasyShare software
"{D5462C8A-D08C-4163-8293-82F2E11A2760}"=Trend Micro TrendProtect for Internet Explorer
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}"=Windows Live Toolbar
"{D95AAA04-9BEF-54B3-CD70-348AC1155DAB}"=Catalyst Control Center Graphics Full Existing
"{D9C7C58C-AC51-EDBF-CF22-E4E1B93ED50D}"=Skins
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}"=SFR
"{DB780B85-B4B5-4864-A49C-9B706B169C93}"=TIPCI
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}"=Google Toolbar for Internet Explorer
"{DDC4619D-1DC8-C2A7-4968-45586F237131}"=CCC Help Norwegian
"{E015B7D9-01AD-FE29-052A-489F4F29ED7F}"=Catalyst Control Center Graphics Light
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}"=kgcbaby
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}"=Windows Media Encoder 9 Series
"{E7511B20-2857-3F50-1B84-F0F32C519FE1}"=CCC Help Chinese Traditional
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}"=tooltips
"{EB5BE9DE-6025-6227-0C25-AE5C852EC479}"=Catalyst Control Center Localization Polish
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}"=TOSHIBA SD Memory Utilities
"{EC28331A-FF2B-6D66-D8A0-32C706AEA120}"=CCC Help Spanish
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}"=TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}"=DVD MovieFactory for TOSHIBA
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}"=kgcbase
"{F2B27034-6059-0549-F01A-4BD9865521B1}"=Catalyst Control Center Localization French
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}"=SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}"=WIRELESS
"{FBE6B550-A93E-AA46-1DBB-421EC319E2DA}"=Catalyst Control Center Localization Italian
"{FCDB1C92-03C6-4C76-8625-371224256091}"=ESSPDock
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites"=Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR"=Adobe AIR
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player 11
"AIM Broadcaster 1.1.0.0"=AIM Broadcaster 1.1.0.0
"AIM MusicLink 2.1.0.5"=AIM MusicLink 2.1.0.5
"AIM_6"=AIM 6
"ATI Uninstaller"=ATI Uninstaller
"Canon iP1700 User Registration"=Canon iP1700 User Registration
"CanonMyPrinter"=Canon My Printer
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"Desktop Dialer"=Desktop Dialer
"Easy-PhotoPrint"=Canon Utilities Easy-PhotoPrint
"Easy-WebPrint"=Easy-WebPrint
"filehippo.com"=filehippo.com Update Checker
"Google Updater"=Google Updater
"HijackThis"=HijackThis 2.0.2
"HOMESTUDENTR"=Microsoft Office Home and Student 2007
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}"=Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}"=TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}"=TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}"=TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}"=TOSHIBA Flash Cards Support Utility
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}"=Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"KB931906"=Security Update for CAPICOM (KB931906)
"KB954156"=Security Update for Windows Media Encoder (KB954156)
"LastFM_is1"=Last.fm 1.5.1.29527
"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)
"Music Rescue_is1"=Music Rescue 3.1.6
"Picasa2"=Picasa 2
"PreCast"=Ocucom PreCast 1.5
"PROPLUSR"=Microsoft Office Professional Plus 2007
"SynTPDeinstKey"=Synaptics Pointing Device Driver
"TOSHIBA Game Console"=TOSHIBA Game Console
"TOSHIBA Media Center Game Console"=TOSHIBA Media Center Game Console
"TOSHIBA Software Modem"=TOSHIBA Software Modem
"TwitterMan Widget 3.0"=TwitterMan Widget 3.0
"Windows Live Toolbar"=Windows Live Toolbar
"Windows Media Encoder 9"=Windows Media Encoder 9 Series
"WinRAR archiver"=WinRAR archiver
"World of Warcraft"=World of Warcraft
"WT022084"=Bejeweled 2 Deluxe
"WT022085"=Blackhawk Striker 2
"WT022086"=Blasterball 3
"WT022087"=Diner Dash - Flo on the Go
"WT022089"=FATE
"WT022090"=Mah Jong Quest
"WT022091"=Penguins!
"WT022092"=Polar Bowler
"WT022093"=Polar Golfer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/7/2008 11:04:14 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:14 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:17 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/7/2008 11:04:17 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/8/2008 12:43:48 AM | Computer Name = Blane-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/9/2008 6:46:09 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/9/2008 6:46:10 PM | Computer Name = Blane-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/9/2008 9:06:50 PM | Computer Name = Blane-PC | Source = Application Hang | ID = 1002
Description = The program aim6.exe version 1.4.9.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 5b4 Start Time: 01c912deec8e3cf3 Termination Time: 97

Error - 9/9/2008 9:10:27 PM | Computer Name = Blane-PC | Source = Application Hang | ID = 1002
Description = The program aim6.exe version 1.4.9.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1190 Start Time: 01c912e1b60954a3 Termination Time: 21

Error - 9/9/2008 11:14:37 PM | Computer Name = Blane-PC | Source = EventSystem | ID = 4621
Description =

[ Media Center Events ]
Error - 12/9/2007 12:51:32 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/11/2007 4:42:18 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/12/2007 12:58:45 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/16/2007 8:42:23 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/15/2008 8:54:04 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/18/2008 12:06:04 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/22/2008 7:04:53 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/26/2008 3:43:42 PM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/30/2008 2:52:00 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/31/2008 9:39:03 AM | Computer Name = Blane-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

[ System Events ]
Error - 9/17/2008 11:19:56 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/17/2008 11:19:56 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/17/2008 11:36:02 PM | Computer Name = Blane-PC | Source = BROWSER | ID = 8032
Description =

Error - 9/18/2008 12:12:05 AM | Computer Name = Blane-PC | Source = DCOM | ID = 10010
Description =

Error - 9/18/2008 12:08:52 PM | Computer Name = Blane-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 9/18/2008 12:08:59 PM | Computer Name = Blane-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 9/18/2008 12:09:10 PM | Computer Name = Blane-PC | Source = HTTP | ID = 15021
Description =

Error - 9/18/2008 12:09:10 PM | Computer Name = Blane-PC | Source = HTTP | ID = 15016
Description =

Error - 9/18/2008 12:09:34 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/18/2008 12:09:34 PM | Computer Name = Blane-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

Okay, whats been happening is my Windows Explorer keeps not working and it says "Windows Explorer is not responding" This makes it so I cannot change the volume or battery settings. It does it every time I get on my computer. It never used to do this before. Then I keep getting the windows update icon saying "New updates are available." I click it and ive downloaded this update like 10 times and it keeps popping up saying its still available. The update is called "Security Update for Microsoft XML Core Services 4.0 Service Pack 2 (KB936181)" Then I ran a virus scan using trend micro and it said this was a vulnerability and gave me a link to download an update. When I went to download the update, it said I had to install ActiveX Control. When I click to download ActiveX Control, it doesnt download. So i wanted you to look at my HJT log to see if something was stopping me from downloading that or making my Windows Explorer not work. If you have any advice on what to do, please le me know.

#10 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 19 September 2008 - 11:09 AM

hi,

now that helps helping you ;). Seems this problem was wide spread. See here for some more infos. A manual download, can be found here and the known issues section can be found here.

Lets try doing this first, to see if that helps your original problem. Then we will do some minor "finalising" steps before I let you go. The hanging of the explorer could be in connection to the failed update. Microsoft is known for these kinda hickups and annoyances.

Thanks.

Edited by Yourhighness, 19 September 2008 - 11:09 AM.

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#11 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 21 September 2008 - 01:30 AM

Ok, my internet connection sucks at my apartment (I get it through my apartment complex) so im going to try to download the update through another connection. I'll let you know if that worked once I do it, might not be for a couple of days (just letting you know).

#12 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 23 September 2008 - 01:47 PM

Ok, it's not my internet connection at my place. Installing the ActiveX Control didn't work at another internet connection. I think something is wrong with my internet explorer. I tried to download the new Internet explorer 8 Beta 2 for windows vista and it says internet explorer is already installed on this computer. Please remove the old version of Internet explorer 8. When I go into my control panel to remove internet explorer, it doesnt show up on my list to remove it. Any suggestions?

#13 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 23 September 2008 - 02:05 PM

hi,

to be honest. not at the moment. i use firefox and have not come across this problem before. let me see if someone of my colleagues have a suggestion to this particular problem. I shall revert soon.

thanks,

yohi

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#14 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:03:38 PM

Posted 23 September 2008 - 03:21 PM

ok, lets give this a go:
  • Click the "Start Menu" (or Windows Orb)
  • Click "All Programs"
  • Click "Windows Update"
  • On the left, choose "Change Settings"
  • Ensure that the checkbox "Use Microsoft Update" at the bottom of the window is checked.
  • Press OK and accept the UAC prompt.
    Note: You shouldn't need to check this checkbox every single time you update, only the first time.
  • Click "Check for Updates" in the upper left corner.
  • Follow the instructions to install the latest updates.
  • Reboot and repeat the "Check for Updates" until there are no more critical updates to install

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image


#15 shortmantuff

shortmantuff
  • Topic Starter

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 23 September 2008 - 04:15 PM

No, that didnt work. It says it installed, but the "new updates are available" icon still comes up. I tried to download it manually from that site you gave me earlier, but it said "Error opening installation log file. Verify that the specified log file location exists and is writable" I also tried to check for updates on microsoft.com, which I need internet explorer to run. I also use Firefox, but in order to run that update check via microsoft.com, i had to do it through internet explorer. Do you know how I can delete internet explorer from my computer, so I can try to download a newer version of it?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users