Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Startup After Uninstalling CleanMem


  • This topic is locked This topic is locked
2 replies to this topic

#1 BrandonH

BrandonH

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 11 August 2009 - 04:55 PM

I installed CleanMem but it was causing display problems with the explorer windows, so I uninstalled it using Revo. Windows seemed to start up normally afterward. Then, I believe I started having issues, so I did a System Restore. The problems persisted. I uninstalled it again, and cleaned up the files I found in the Windows directory that were not uninstalled. Also around this time, I uninstalled Zonealarm and installed Online Armor doing all the necessary restarts. I had two accounts on this computer, one LUA with SuRun installed so I could use administrative rights when needed. And the other one was an Administrator account. Windows itself seems to hang when starting. Then when I log in the LUA, log in takes a few minutes. Then when the account loads, the hourglass appears by the mouse and then it disappears. It does this repeatedly. When I move it over the taskbar, it remains in constant busy mode. After several minutes, at least 10, the mouse returns to normal and programs begin loading and I'm given my SuRun login. After several more minutes, I'm able to run programs normally. At one point, a message pops up saying To help protect your computer, Data Execution Prevention has closed Windows Explorer. But it continues running normally. I turned off System Restore since none of them worked and scanned using Avira, Prevx, and SAS, none of them finding any infection. Still running MBAM.

However, when I log in on my Administrator account, it loads normally. The only problems I've noticed is that Avira takes a long time scanning for updates. So I updated it manually. And Tuneup Utilities crashes seconds after starting it. Says it encountered a problem and needed to close. I've always done regular virus/malware scans and chkdsk (which found no errors) and defragmenting. But must learn to back up registry before every install apparently.

Update: MBAM found nothing. Forgot to mention OS is Microsoft XP Media Center Edition 2005 SP3, installed latest updates. I've got the following errors in Event Viewer: 10005 DCOM error - ntmssvc service didn't start, Saskutil service failed to start because the device is not ready, and Tuneup Program Statistics service stopped unexpectedly. I've also found some Application Errors Event ID 1000 for integrator.exe faulting module tupsapi.dll (Tuneup Utilities related), TUProgSt.exe faulting module TUProgSt.exe (TuneUp Utilities related), explorer.exe faulting module unknown, and Event IDs 7 - failed to load the plug-in module for VzCdbSvc (Sony Vaio related) and 1001 - Fault bucket 881199291. Wondering if I just have to reinstall TuneUp to fix those errors. But would I need to have a CD burned to run System File Check Utility. I ran it once and it needed the CD to complete. But I will look further into it while waiting for assistance.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Brandon Holthaus at 19:39:43.03 on Tue 08/11/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.222 [GMT -5:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Prevx\prevx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DesktopCoral\DesktopCoral.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Update Notifier\updatenotifier.exe
C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Stardock\ObjectDockPlus\ObjectDock\ObjectDock.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Brandon Holthaus\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.searchgateway.net/search/
uURLSearchHooks: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aol\aol search enhancement\AOLSearch.dll
uURLSearchHooks: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - c:\program files\hotspot_shield\tbHots.dll
mWinlogon: UIHost=c:\documents and settings\all users\application data\tuneup software\tuneup utilities\winstyler\tu_logonui.exe
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aol\aol search enhancement\AOLSearch.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - c:\program files\hotspot_shield\tbHots.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: ZoneAlarm Spy Blocker BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: ZoneAlarm Spy Blocker: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\1.bin\SPYBLOCK.DLL
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: StylerToolBar: {d2f8f919-690b-4ea2-9fa7-a203d1e04f75} - c:\program files\styler\tb\StylerTB.dll
TB: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - c:\program files\hotspot_shield\tbHots.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
TB: {AD55C869-668E-457C-B270-0CFB2F61116F} - No File
EB: &Research: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Desktop Coral] "c:\program files\desktopcoral\DesktopCoral.exe" /autorun
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Rainmeter] c:\program files\rainmeter\Rainmeter.exe
uRun: [PeerGuardian] c:\program files\peerguardian2\pg2.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [Switcher.exe] c:\program files\sony\wireless switch setting utility\Switcher.exe
mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [VAIO Update 3] "c:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [@OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\docume~1\brando~1\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdockplus\objectdock\ObjectDock.exe
StartupFolder: c:\docume~1\brando~1\startm~1\programs\startup\update~1.lnk - c:\program files\update notifier\updatenotifier.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Build LinkLister List from Selected Url(s) - c:\program files\linklister\build_from_sel.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Send To &Bluetooth - c:\program files\iogear\bluetooth software\btsendto_ie_ctx.htm
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: google.com\www
Trusted Zone: microsoft.com\update
Trusted Zone: sticktv.net\www
Trusted Zone: webs.com\www.dwert2
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
TCP: {98CE96B4-FACE-4B85-B40A-2F732982704F} = 208.67.222.222,208.67.220.220
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
Notify: MCPClient - c:\progra~1\common~1\stardock\mcpstub.dll
Notify: VESWinlogon - VESWinlogon.dll
Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
AppInit_DLLs: c:\program,files\permissionresearch\prai.dll,c:\program files\permissionresearch\prai.dll,wbsys.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - c:\progra~1\common~1\stardock\mcpcore.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\brando~1\applic~1\mozilla\firefox\profiles\f1p4hrf1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 4001
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 4001
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4001
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 4001
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4001
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\brandon holthaus\application data\mozilla\firefox\profiles\f1p4hrf1.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\brandon holthaus\application data\mozilla\firefox\profiles\f1p4hrf1.default\extensions\lazarus@interclue.com\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\opera\program\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\opera\program\plugins\nporbit.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\spiralfrog\wmp\np-mswmp.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-4-16 28544]
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-7-23 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [2009-7-23 27656]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-8-11 11608]
R1 mozyFilter;mozyFilter;c:\windows\system32\drivers\mozy.sys [2009-5-9 53752]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2009-8-10 200784]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2009-8-10 24656]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2009-8-10 29776]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-7-28 9968]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-8-11 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-8-11 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-8-11 55656]
R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-7-23 4368952]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\hotspot shield\hsswpr\hsssrv.exe [2009-6-15 331312]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -svaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -sVAIO_VEDB [?]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2006-9-1 14336]
R2 OAcat;Online Armor Helper Service;c:\program files\tall emu\online armor\oacat.exe [2009-8-10 362184]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 SvcOnlineArmor;Online Armor;c:\program files\tall emu\online armor\oasrv.exe [2009-8-10 3285704]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-11-28 1120960]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-7-30 185640]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-7-28 7408]
R3 tap0901;TAP-Win32 Adapter V9;c:\windows\system32\drivers\tap0901.sys [2009-7-14 25472]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-9-1 812544]
S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys --> c:\windows\system32\drivers\ntcdrdrv.sys [?]
S0 tclondrv;tclondrv;c:\windows\system32\drivers\tclondrv.sys --> c:\windows\system32\drivers\tclondrv.sys [?]
S1 SASKUTIL;SASKUTIL;\??\g:\superantispyware\saskutil.sys --> g:\superantispyware\SASKUTIL.sys [?]
S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-7-27 604488]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\hotspot shield\bin\HssTrayService.exe [2009-7-14 57640]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2008-7-10 42112]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.exe -i vaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.EXE -i VAIO_VEDB [?]

=============== Created Last 30 ================

2009-08-11 19:32 20,006 a------- c:\windows\system32\TUProgSt_20090812-003229.dmp
2009-08-11 18:05 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-08-11 18:05 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-08-11 18:05 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-08-11 18:05 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-08-11 18:05 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-08-11 18:04 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-08-11 18:04 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-08-11 18:04 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-08-11 18:04 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-08-11 17:31 29,311 ac------ c:\windows\system32\dllcache\watv01nt.sys
2009-08-11 17:30 113,762 ac------ c:\windows\system32\dllcache\usrpda.sys
2009-08-11 17:29 50,176 ac------ c:\windows\system32\dllcache\umaxp60.dll
2009-08-11 17:28 82,944 ac------ c:\windows\system32\dllcache\tp4mon.exe
2009-08-11 17:27 30,464 ac------ c:\windows\system32\dllcache\tbatm155.sys
2009-08-11 17:26 41,472 ac------ c:\windows\system32\dllcache\sw_effct.dll
2009-08-11 17:25 37,040 ac------ c:\windows\system32\dllcache\sonypi.sys
2009-08-11 17:24 30,208 ac------ c:\windows\system32\dllcache\sm87w.dll
2009-08-11 17:23 98,080 ac------ c:\windows\system32\dllcache\sgiulnt5.sys
2009-08-11 17:22 245,632 ac------ c:\windows\system32\dllcache\s3savmx.dll
2009-08-11 17:21 9,216 ac------ c:\windows\system32\dllcache\rsmgrstr.dll
2009-08-11 17:20 33,152 ac------ c:\windows\system32\dllcache\ql10wnt.sys
2009-08-11 17:19 92,416 ac------ c:\windows\system32\dllcache\phildec.sys
2009-08-11 17:18 41,984 ac------ c:\windows\system32\dllcache\ovui2rc.dll
2009-08-11 17:17 198,144 ac------ c:\windows\system32\dllcache\nv3.sys
2009-08-11 17:16 15,872 ac------ c:\windows\system32\dllcache\ne2000.sys
2009-08-11 17:15 49,024 ac------ c:\windows\system32\dllcache\mstape.sys
2009-08-11 17:15 12,416 ac------ c:\windows\system32\dllcache\msriffwv.sys
2009-08-11 17:15 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys
2009-08-11 17:15 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys
2009-08-11 17:15 35,200 ac------ c:\windows\system32\dllcache\msgame.sys
2009-08-11 17:15 51,200 ac------ c:\windows\system32\dllcache\msdv.sys
2009-08-11 17:15 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys
2009-08-11 17:15 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys
2009-08-11 17:15 15,232 ac------ c:\windows\system32\dllcache\mpe.sys
2009-08-11 17:13 802,683 ac------ c:\windows\system32\dllcache\ltsm.sys
2009-08-11 17:12 26,624 ac------ c:\windows\system32\dllcache\irstusb.sys
2009-08-11 17:11 61,952 ac------ c:\windows\system32\dllcache\icam4ext.dll
2009-08-11 17:10 73,279 ac------ c:\windows\system32\dllcache\hsf_spkp.sys
2009-08-11 17:09 48,128 ac------ c:\windows\system32\dllcache\hpgt33tk.dll
2009-08-11 17:08 455,296 ac------ c:\windows\system32\dllcache\fusbbase.sys
2009-08-11 17:07 347,550 ac------ c:\windows\system32\dllcache\es56tpi.sys
2009-08-11 17:06 55,999 ac------ c:\windows\system32\dllcache\el556nd5.sys
2009-08-11 17:05 229,462 ac------ c:\windows\system32\dllcache\digifwrk.dll
2009-08-11 17:04 175,104 ac------ c:\windows\system32\dllcache\csamsp.dll
2009-08-11 17:03 187,938 ac------ c:\windows\system32\dllcache\c_20005.nls
2009-08-11 17:02 45,056 ac------ c:\windows\system32\dllcache\EXCH_aqadmin.dll
2009-08-11 17:00 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll
2009-08-11 16:59 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-08-11 16:59 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll
2009-08-11 16:59 169,984 ac------ c:\windows\system32\dllcache\iisui.dll
2009-08-11 16:59 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe
2009-08-11 16:59 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe
2009-08-11 16:59 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll
2009-08-11 16:59 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll
2009-08-11 16:58 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx
2009-08-11 16:54 17,920 a------- c:\windows\system32\TUProgSt_20090811-215417.dmp
2009-08-11 09:16 22,937 a------- c:\windows\system32\TUProgSt_20090811-141606.dmp
2009-08-11 00:43 <DIR> --d----- c:\program files\Avira
2009-08-11 00:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-08-10 23:06 <DIR> --d----- c:\docume~1\brando~1\applic~1\OnlineArmor
2009-08-10 23:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\OnlineArmor
2009-08-10 22:18 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-08-10 21:20 <DIR> --d----- c:\program files\Tall Emu
2009-08-10 01:21 <DIR> --d----- c:\program files\TeamViewer
2009-08-09 18:59 <DIR> --d----- c:\program files\The KMPlayer
2009-08-09 18:53 <DIR> --d----- c:\docume~1\brando~1\applic~1\TeamViewer
2009-08-09 18:53 <DIR> --d----- c:\documents and settings\brandon holthaus\temp
2009-08-07 11:46 <DIR> --d----- c:\program files\OpenDNS Updater
2009-08-05 13:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-08-05 13:37 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-08-05 13:37 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-08-04 15:21 <DIR> --d----- c:\program files\Amazon
2009-08-03 13:19 861,184 a------- c:\windows\system32\MyDefragScreenSaver.exe
2009-08-03 13:19 95,232 a------- c:\windows\system32\MyDefragScreenSaver.scr
2009-08-03 13:19 <DIR> --d----- c:\program files\MyDefrag v4.1.2
2009-08-02 01:16 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2009-08-01 16:58 21,183 a------- c:\windows\system32\TUProgSt_20090801-215818.dmp
2009-08-01 15:47 21,183 a------- c:\windows\system32\TUProgSt_20090801-204704.dmp
2009-07-30 04:00 <DIR> --d----- c:\program files\Xilisoft
2009-07-30 02:32 <DIR> --d----- c:\program files\BurnAware Free
2009-07-30 00:58 21,183 a------- c:\windows\system32\TUProgSt_20090730-055836.dmp
2009-07-30 00:24 <DIR> --d----- c:\docume~1\brando~1\applic~1\URSoft
2009-07-29 00:35 21,183 a------- c:\windows\system32\TUProgSt_20090729-053555.dmp
2009-07-28 23:32 21,504 ac------ c:\windows\system32\dllcache\hidserv.dll
2009-07-28 23:32 21,504 a------- c:\windows\system32\hidserv.dll
2009-07-28 23:30 <DIR> --d----- c:\program files\WIDCOMM
2009-07-28 14:06 187,392 a------- c:\windows\system32\JPGUtils.dll
2009-07-28 14:06 <DIR> --d----- c:\program files\WinCustomize
2009-07-27 14:14 21,183 a------- c:\windows\system32\TUProgSt_20090727-191425.dmp
2009-07-27 13:14 604,488 a------- c:\windows\system32\TUProgSt.exe
2009-07-27 13:14 29,000 a------- c:\windows\system32\uxtuneup.dll
2009-07-27 13:13 361,288 a------- c:\windows\system32\TuneUpDefragService.exe
2009-07-25 23:46 <DIR> --d----- c:\program files\YPOPs
2009-07-25 23:46 <DIR> --d----- c:\documents and settings\brandon holthaus\YPOPs
2009-07-25 15:40 <DIR> --d----- c:\program files\Secunia
2009-07-23 01:28 <DIR> --d----- c:\program files\Prevx
2009-07-23 01:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PrevxCSI
2009-07-22 00:07 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-07-21 02:36 <DIR> --d----- c:\program files\PicPick
2009-07-17 10:22 <DIR> --d----- c:\docume~1\brando~1\applic~1\Canneverbe_Limited
2009-07-16 22:33 <DIR> --d----- c:\program files\iPod

==================== Find3M ====================

2009-08-10 22:24 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-08-05 12:30 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-05 04:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-03 13:36 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 13:36 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-28 16:33 55,656 a------- c:\windows\system32\drivers\avgntflt.sys
2009-07-26 21:43 58,908 a------- c:\windows\system32\drivers\scdemu.sys
2009-07-23 01:28 27,656 a------- c:\windows\system32\drivers\pxsec.sys
2009-07-23 01:28 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-07-17 14:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-14 19:01 25,472 a------- c:\windows\system32\drivers\tap0901.sys
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-11 05:17 24,656 a------- c:\windows\system32\drivers\OAmon.sys
2009-07-11 05:17 29,776 a------- c:\windows\system32\drivers\OAnet.sys
2009-07-11 05:17 200,784 a------- c:\windows\system32\drivers\OADriver.sys
2009-07-08 14:54 237,568 a------- c:\windows\system32\rmc_rtspdl.dll
2009-07-08 14:54 156,672 a------- c:\windows\system32\rmc_fixasf.exe
2009-07-08 14:54 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-07-03 12:09 915,456 a------- c:\windows\system32\wininet.dll
2009-07-01 21:34 33,840 a------- c:\windows\system32\drivers\hssdrv.sys
2009-06-25 03:25 730,112 a------- c:\windows\system32\lsasrv.dll
2009-06-25 03:25 301,568 a------- c:\windows\system32\kerberos.dll
2009-06-25 03:25 147,456 a------- c:\windows\system32\schannel.dll
2009-06-25 03:25 136,192 a------- c:\windows\system32\msv1_0.dll
2009-06-25 03:25 56,832 a------- c:\windows\system32\secur32.dll
2009-06-25 03:25 54,272 a------- c:\windows\system32\wdigest.dll
2009-06-24 06:18 92,928 a------- c:\windows\system32\drivers\ksecdd.sys
2009-06-17 07:20 12,648 a------- c:\windows\system32\drivers\psi_mf.sys
2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-12 07:31 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 07:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 01:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-05-06 08:56 8,880 a------- c:\docume~1\brando~1\applic~1\wklnhst.dat
2008-07-23 13:57 92,064 a------- c:\documents and settings\brandon holthaus\mqdmmdm.sys
2008-07-23 13:57 79,328 a------- c:\documents and settings\brandon holthaus\mqdmserd.sys
2008-07-23 13:57 9,232 a------- c:\documents and settings\brandon holthaus\mqdmmdfl.sys
2008-07-23 13:57 5,936 a------- c:\documents and settings\brandon holthaus\mqdmwhnt.sys
2008-07-23 13:57 4,048 a------- c:\documents and settings\brandon holthaus\mqdmcr.sys
2008-07-23 13:57 66,656 a------- c:\documents and settings\brandon holthaus\mqdmbus.sys
2008-07-23 13:57 25,600 a------- c:\documents and settings\brandon holthaus\usbsermptxp.sys
2008-07-23 13:57 22,768 a------- c:\documents and settings\brandon holthaus\usbsermpt.sys
2008-07-23 13:57 6,208 a------- c:\documents and settings\brandon holthaus\mqdmcmnt.sys
2008-03-22 13:42 108 a--shr-- c:\windows\neoqaz2.dll
2008-07-08 14:24 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008070820080709\index.dat

============= FINISH: 19:43:29.35 ===============

Attached Files


Edited by BrandonH, 12 August 2009 - 02:13 AM.


BC AdBot (Login to Remove)

 


#2 BrandonH

BrandonH
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 19 August 2009 - 02:09 PM

Just wanted to inform you I no longer need assistance; I used the recovery solution provided with this computer. Thanks for your time though.

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:24 PM

Posted 21 August 2009 - 10:56 PM

Hello

Thank you for posting back. Sometimes reformatting and reinstalling is the best solution. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users