Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Two IEs is one too many


  • This topic is locked This topic is locked
2 replies to this topic

#1 eternalwytch

eternalwytch

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 20 October 2009 - 01:59 PM

What will be below this is all I could get to run. I followed all the procedures and nothing else would run. (Neither DDS / HJT would run)

OTL logfile created on: 10/20/2009 1:52:02 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Eternalwytch\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 58.57% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 177.91 Gb Free Space | 62.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 14.65 Gb Total Space | 6.08 Gb Free Space | 41.52% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ETERNALWYTCH-PC
Current User Name: Eternalwytch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/10/20 13:49:55 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Eternalwytch\Desktop\OTL.exe
PRC - [2009/07/17 23:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/18 14:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/05/07 18:41:14 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/05/07 18:41:12 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/06/05 13:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/05/25 11:09:57 | 00,565,512 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer [Auto | Running])
SRV:64bit: - [2009/03/31 23:25:32 | 00,900,360 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy [Auto | Running])
SRV:64bit: - [2009/03/31 23:25:06 | 00,833,872 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom [Auto | Running])
SRV:64bit: - [2008/12/22 06:35:16 | 00,032,768 | ---- | M] () -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
SRV:64bit: - [2008/12/18 14:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService [Auto | Running])
SRV:64bit: - [2008/12/15 00:13:46 | 00,281,600 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV [Auto | Running])
SRV:64bit: - [2008/12/15 00:13:30 | 00,088,576 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters [Auto | Running])
SRV:64bit: - [2008/01/20 22:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV:64bit: - [2006/11/02 07:16:05 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RUNDLL32.EXE -- (yksvc [Disabled | Stopped])
SRV - [2009/10/19 09:45:59 | 00,348,824 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [On_Demand | Stopped])
SRV - [2009/08/28 09:24:32 | 00,609,792 | ---- | M] () -- C:\Program Files (x86)\iolo\common\lib\ioloServiceManager.exe -- (ioloSystemService [Auto | Stopped])
SRV - [2009/08/28 09:24:32 | 00,609,792 | ---- | M] () -- C:\Program Files (x86)\iolo\common\lib\ioloServiceManager.exe -- (ioloFileInfoList [Auto | Stopped])
SRV - [2009/08/07 12:43:04 | 00,045,816 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper [On_Demand | Stopped])
SRV - [2009/07/22 22:44:48 | 01,097,096 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService [On_Demand | Stopped])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/04/11 02:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2009/03/30 00:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/03/30 00:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2009/02/18 14:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/18 14:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/11/03 19:15:32 | 00,242,424 | ---- | M] (WildTangent, Inc.) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService [Disabled | Stopped])
SRV - [2008/05/07 18:41:14 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/03/24 08:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [Disabled | Stopped])
SRV - [2008/01/20 22:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 22:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2 [Auto | Running])
SRV - [2007/06/05 13:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing [Auto | Running])
SRV - [2006/11/02 11:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2006/11/02 09:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2006/11/02 05:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running])
SRV - [2006/11/02 02:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 02:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/05/25 11:10:04 | 00,096,784 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\DRIVERS\tmtdi.sys -- (tmtdi [System | Running])
DRV:64bit: - [2009/05/22 04:06:36 | 00,257,552 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\DRIVERS\tmxpflt.sys -- (tmxpflt [Auto | Running])
DRV:64bit: - [2009/05/22 04:05:20 | 00,042,000 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\DRIVERS\tmpreflt.sys -- (tmpreflt [Auto | Running])
DRV:64bit: - [2009/05/22 03:57:04 | 01,878,544 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\DRIVERS\vsapint.sys -- (vsapint [Auto | Running])
DRV:64bit: - [2009/05/05 16:46:08 | 00,018,432 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV:64bit: - [2009/05/05 16:46:08 | 00,016,896 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper [On_Demand | Running])
DRV:64bit: - [2009/04/11 01:39:35 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\WinUSB.SYS -- (winusb [On_Demand | Stopped])
DRV:64bit: - [2009/03/26 08:00:16 | 00,071,168 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR [On_Demand | Stopped])
DRV:64bit: - [2009/03/19 17:02:00 | 00,311,296 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid [On_Demand | Running])
DRV:64bit: - [2009/03/06 07:33:58 | 00,159,840 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd [On_Demand | Running])
DRV:64bit: - [2008/12/22 06:34:48 | 00,022,520 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY [On_Demand | Running])
DRV:64bit: - [2008/12/17 05:22:04 | 01,526,776 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX [On_Demand | Running])
DRV:64bit: - [2008/12/15 00:13:56 | 00,472,064 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA [On_Demand | Running])
DRV:64bit: - [2008/12/09 15:26:50 | 00,023,464 | ---- | M] (EldoS Corporation) -- C:\Windows\SysNative\drivers\elrawdsk.sys -- (ElRawDisk [System | Running])
DRV:64bit: - [2008/12/09 01:12:36 | 08,036,160 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx [On_Demand | Running])
DRV:64bit: - [2008/09/04 01:29:22 | 00,199,728 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV:64bit: - [2008/09/01 06:19:24 | 00,392,192 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Running])
DRV:64bit: - [2008/09/01 06:15:58 | 00,395,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor [Boot | Running])
DRV:64bit: - [2008/01/20 22:46:55 | 00,317,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express [On_Demand | Stopped])
DRV:64bit: - [2008/01/20 22:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt [On_Demand | Running])
DRV:64bit: - [2007/11/14 04:00:00 | 00,053,488 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64 [Boot | Running])
DRV:64bit: - [2006/11/02 03:48:50 | 02,488,320 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300 [On_Demand | Stopped])
DRV - [2008/01/20 22:49:57 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winusb.dll -- (winusb [On_Demand | Stopped])
DRV - [2006/09/18 17:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
DRV - [2006/09/18 17:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\URLSearchHook: {400b24ad-bf1e-4d57-b5a6-75b96c236661} - C:\Program Files (x86)\PaganRadio\tbPag0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://m.www.yahoo.com/ [binary data]
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 B1 CF 35 AC 4E CA 01 [binary data]
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\S-1-5-21-3358342653-3288095622-3730743688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/23 16:45:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext [2009/09/20 11:49:41 | 00,000,000 | ---D | M]


O1 HOSTS File: (743 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (PaganRadio Toolbar) - {400b24ad-bf1e-4d57-b5a6-75b96c236661} - C:\Program Files (x86)\PaganRadio\tbPag0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (PaganRadio Toolbar) - {400b24ad-bf1e-4d57-b5a6-75b96c236661} - C:\Program Files (x86)\PaganRadio\tbPag0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\..\Toolbar\WebBrowser: (PaganRadio Toolbar) - {400B24AD-BF1E-4D57-B5A6-75B96C236661} - C:\Program Files (x86)\PaganRadio\tbPag0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iolo Startup] C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKU\S-1-5-21-3358342653-3288095622-3730743688-1000..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs.llnwd.net/e1/static/th...ameLauncher.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18:64bit: - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4be94b93-b1ca-11de-92fe-0023ae3118a6}\Shell\AutoRun\command - "" = restore\restorestarter.exe
O33 - MountPoints2\D\Shell\AutoRun\command - "" = restore\restorestarter.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/10/05 20:44:20 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
[2009/10/05 20:45:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/10/05 17:50:18 | 00,000,000 | ---D | C] -- C:\ProgramData\GameHouse
[2009/10/19 09:35:57 | 00,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2009/10/05 17:50:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2009/09/22 15:00:33 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\AppData\Roaming\Eyeblaster
[2009/10/19 09:35:57 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\AppData\Roaming\PC Tools
[2009/10/05 20:44:23 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\AppData\Local\Apple
[2009/10/20 13:49:07 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\AppData\Local\Runscanner.net
[2009/10/19 09:36:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2009/10/05 20:44:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2009/10/16 17:44:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2009/10/05 12:41:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NewTech Infosystems
[2009/09/29 15:33:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Oberon Media
[2009/10/05 20:39:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2009/10/19 09:35:57 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2009/10/19 10:01:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/20 13:49:46 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Users\Eternalwytch\Desktop\OTL.exe
[2009/10/14 22:57:02 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/14 22:57:02 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/14 22:56:59 | 05,940,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/14 22:56:57 | 09,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/14 22:56:56 | 12,461,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/14 22:56:55 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/14 22:56:54 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2009/10/14 22:56:54 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/10/14 22:56:54 | 01,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/14 22:56:54 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/14 22:56:54 | 01,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/14 22:56:54 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/14 22:56:53 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2009/10/14 22:56:53 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/10/14 22:56:53 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2009/10/14 22:56:53 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/10/14 22:56:53 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2009/10/14 22:56:53 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/10/14 22:56:53 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2009/10/14 22:56:53 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/10/14 22:56:53 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/10/14 22:56:53 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/14 22:56:53 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2009/10/14 22:56:53 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/10/14 22:56:53 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2009/10/14 22:56:53 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/10/14 22:56:52 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/10/14 22:56:52 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb
[2009/10/14 22:56:52 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2009/10/14 22:56:52 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2009/10/14 22:56:52 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/10/14 22:56:52 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2009/10/14 22:56:52 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/10/14 22:56:52 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2009/10/14 22:56:52 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2009/10/14 22:56:52 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/10/14 22:56:52 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009/10/14 22:56:52 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/10/14 22:56:52 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2009/10/14 22:56:52 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/10/14 22:56:52 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/10/14 22:56:52 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2009/10/14 22:56:51 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/14 22:55:35 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/14 22:55:35 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/14 22:55:31 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/14 22:54:46 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/14 22:54:46 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/05 12:41:45 | 00,018,432 | ---- | C] (NewTech Infosystems, Inc.) -- C:\Windows\SysNative\drivers\NTIDrvr.sys
[2009/10/05 12:41:44 | 00,016,896 | ---- | C] (NewTech Infosystems Corporation) -- C:\Windows\SysNative\drivers\UBHelper.sys
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\Xp_x86
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\w2k_x86
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\Vista_x86
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\Vista_ia64
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\Vista_amd64
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\2003_x86
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\2003_ia64
[2009/10/05 12:41:32 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti\2003_amd64
[2009/10/05 12:41:16 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\nti
[2009/10/05 12:40:18 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/10/03 11:49:03 | 02,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2009/10/03 11:49:03 | 02,424,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2009/10/03 11:49:03 | 00,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2009/10/03 11:49:03 | 00,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2009/10/03 11:48:47 | 00,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2009/10/03 11:48:47 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/10/03 11:48:47 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2009/10/03 11:48:47 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/10/03 11:48:47 | 00,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2009/10/03 11:48:47 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/10/03 11:48:39 | 00,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2009/10/03 11:48:39 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/10/03 11:48:39 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2009/10/03 11:48:39 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/09/27 12:09:54 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\Documents\My Received Files
[2009/09/22 14:21:05 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\Documents\Pamela Call Recordings
[2009/09/22 14:17:40 | 00,000,000 | ---D | C] -- C:\Users\Eternalwytch\Documents\Skypestuff

========== Files - Modified Within 30 Days ==========

[2009/10/20 13:52:27 | 00,000,743 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2009/10/20 13:52:27 | 00,000,743 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2009/10/20 13:51:13 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/20 13:51:13 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/20 13:49:55 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Eternalwytch\Desktop\OTL.exe
[2009/10/20 11:51:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/20 11:51:11 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/20 11:51:08 | 42,555,02336 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/19 21:46:36 | 02,425,803 | -H-- | M] () -- C:\Users\Eternalwytch\AppData\Local\IconCache.db
[2009/10/19 15:38:35 | 00,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2009/10/19 10:01:07 | 00,001,930 | ---- | M] () -- C:\Users\Eternalwytch\Documents\HijackThis.lnk
[2009/10/19 09:36:04 | 00,001,815 | ---- | M] () -- C:\Users\Eternalwytch\Documents\Spyware Doctor.lnk
[2009/10/19 07:22:53 | 01,083,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/10/19 06:48:59 | 00,000,732 | ---- | M] () -- C:\Users\Eternalwytch\AppData\Local\d3d9caps64.dat
[2009/10/16 17:44:47 | 00,000,743 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2009/10/05 12:41:40 | 00,608,884 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/05 12:41:39 | 00,709,154 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/05 12:41:39 | 00,105,952 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/02 14:40:19 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[2009/09/23 15:48:27 | 00,000,680 | ---- | M] () -- C:\Users\Eternalwytch\AppData\Local\d3d9caps.dat

========== Files - No Company Name ==========
[2009/10/19 10:01:07 | 00,001,930 | ---- | C] () -- C:\Users\Eternalwytch\Documents\HijackThis.lnk
[2009/10/19 09:51:44 | 02,425,803 | -H-- | C] () -- C:\Users\Eternalwytch\AppData\Local\IconCache.db
[2009/10/19 09:36:04 | 00,001,815 | ---- | C] () -- C:\Users\Eternalwytch\Documents\Spyware Doctor.lnk
[2009/10/19 09:29:30 | 42,555,02336 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/19 06:48:59 | 00,000,732 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\d3d9caps64.dat
[2009/09/23 15:46:44 | 00,000,680 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\d3d9caps.dat
[2009/09/20 11:50:33 | 00,000,642 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/08/01 13:02:29 | 00,229,784 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL90SP1_KB973924MSI6F4F.txt
[2009/08/01 13:02:27 | 00,011,716 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL90SP1_KB973924UI6F4F.txt
[2009/08/01 13:02:11 | 00,545,020 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL80SP1_KB973923MSI6F14.txt
[2009/08/01 13:02:09 | 00,011,780 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL80SP1_KB973923UI6F14.txt
[2009/08/01 13:01:27 | 00,544,642 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL80SP1_KB973923MSI6E81.txt
[2009/08/01 13:01:24 | 00,011,780 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\dd_ATL80SP1_KB973923UI6E81.txt
[2009/08/01 12:19:31 | 00,001,954 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Roaming\SAS7_000.DAT
[2009/07/22 17:32:23 | 00,031,049 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Roaming\UserTile.png
[2009/06/11 18:20:49 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/05 21:01:33 | 00,001,152 | ---- | C] () -- C:\Windows\SysWow64\windrv.sys
[2009/05/31 17:45:06 | 00,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009/05/31 17:45:06 | 00,000,088 | RHS- | C] () -- C:\Windows\SysWow64\19B76B223D.sys
[2009/05/30 00:25:05 | 00,010,752 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 00:22:50 | 00,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/05/30 00:22:50 | 00,000,088 | RHS- | C] () -- C:\ProgramData\38E9C1C82D.sys
[2009/05/29 23:41:33 | 00,000,271 | ---- | C] () -- C:\Windows\SysMech.INI
[2009/05/27 16:53:06 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/05/27 16:52:10 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/25 22:16:10 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/24 21:44:56 | 00,000,000 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2009/05/24 20:57:40 | 00,002,518 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG
[2009/05/24 20:39:38 | 00,456,488 | ---- | C] () -- C:\Users\Eternalwytch\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/01/20 22:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 11:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 08:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:34:27 | 00,000,166 | ---- | C] () -- C:\Windows\win.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:F35A93AD
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:1E66EE85
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >


======================================
OTL Extras logfile created on: 10/20/2009 1:52:02 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Eternalwytch\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.96 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 58.57% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 177.91 Gb Free Space | 62.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 14.65 Gb Total Space | 6.08 Gb Free Space | 41.52% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ETERNALWYTCH-PC
Current User Name: Eternalwytch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.scr[@ = scrfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3358342653-3288095622-3730743688-1000\SOFTWARE\Classes\<extension>]
.txt [@ = txtfile] -- C:\Program Files (x86)\JGsoft\EditPadLite\EditPadLite.exe (Just Great Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- NOTEPAD.EXE %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Mic

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:04 AM

Posted 30 October 2009 - 08:15 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

Please post a new OTL log.

Thanks :(
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:06:04 AM

Posted 03 November 2009 - 09:47 AM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users