OTL Log


4 replies to this topic

#1 glenforder


Posted 02 July 2010 - 02:32 PM

OTL logfile created on: 7/2/2010 3:29:40 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.80 Gb Total Space | 6.58 Gb Free Space | 4.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.89 Gb Total Space | 0.51 Gb Free Space | 27.01% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GLEN
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2007/04/18 12:12:23 | 002,854,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2006/08/25 12:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 08:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2001/02/07 03:17:02 | 000,364,607 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL


========== Win32 Services (SafeList) ==========

SRV - [2007/12/18 14:40:02 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Apps\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/01/19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/09/14 01:00:46 | 000,241,737 | ---- | M] (Trend Micro Incorporated.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe -- (Tmntsrv)
SRV - [2006/09/14 01:00:46 | 000,204,873 | ---- | M] (Trend Micro Incorporated.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Antivirus\tmproxy.exe -- (tmproxy)
SRV - [2005/12/20 15:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/11/28 15:31:32 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2005/11/28 15:29:00 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2005/11/28 15:28:14 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2005/07/12 21:14:42 | 000,040,960 | ---- | M] () [Auto | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 20:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/08/28 04:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2008/12/28 01:48:10 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/06/10 06:37:10 | 001,169,240 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\VsapiNT.sys -- (Vsapint)
DRV - [2008/06/10 06:37:10 | 000,204,816 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tmxpflt.sys -- (Tmfilter)
DRV - [2008/06/10 06:37:10 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tmpreflt.sys -- (Tmpreflt)
DRV - [2006/09/14 01:00:48 | 000,014,976 | ---- | M] (Trend Micro Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\tmtdi.sys -- (tmtdi)
DRV - [2005/12/16 04:15:06 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/12/09 20:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/12/04 13:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2005/11/30 15:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/30 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 16:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/25 06:38:00 | 000,028,800 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2005/11/15 13:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 18:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 09:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 09:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 09:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 09:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 09:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 09:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 09:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/14 06:24:08 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2005/09/12 07:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/08/25 16:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 16:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 19:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/08/12 09:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/06/02 07:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/12 04:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2005/01/07 21:07:18 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/08/04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2003/09/19 05:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/11 03:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/03/27 16:12:36 | 000,015,360 | R--- | M] (CEntrance, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2003/01/29 18:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/07/13 03:26:08 | 000,005,317 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-21-150929562-2421574482-4148046166-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 07:35:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 07:35:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 07:35:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 07:35:19 | 000,000,000 | ---D | M]

[2008/03/02 02:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\moi7dj1c.default\extensions
[2010/06/29 07:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/12 02:13:32 | 000,075,184 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2007/07/10 09:18:10 | 000,069,632 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npitunes.dll

O1 HOSTS File: ([2007/03/21 15:15:09 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-150929562-2421574482-4148046166-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [C2K] C:\WINDOWS\Cyb2k.exe (Solid Oak Software, Inc.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe File not found
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Antivirus\pccguide.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [PCClient.exe] C:\Program Files\Trend Micro\Antivirus\PCClient.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TM Outbreak Agent] C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-500..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Glen Sr\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 11:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/02 15:21:31 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/07/02 15:13:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/02 15:12:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/02 15:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/02 14:40:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/07/02 14:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/02 14:40:11 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2006/02/15 12:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/07/03 03:10:02 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mbam-clean.exe
[2010/07/03 02:16:32 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/07/02 15:13:04 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/02 15:12:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/02 15:11:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/02 15:11:03 | 002,097,152 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/07/02 15:10:55 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/07/02 15:10:53 | 005,296,656 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/07/02 14:38:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/02 14:34:39 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/02 14:34:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 14:33:50 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/02 12:26:23 | 000,000,025 | ---- | M] () -- C:\WINDOWS\liccyval.dat
[2010/07/02 12:13:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/01 11:39:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/30 18:00:00 | 000,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/02 15:13:04 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/02 15:10:37 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\mbam-clean.exe
[2009/06/30 22:39:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 12:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 12:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/09/29 00:46:26 | 000,139,430 | ---- | C] () -- C:\WINDOWS\System32\urifil.dll
[2008/09/29 00:46:26 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\snetbonly.dll
[2008/09/29 00:46:23 | 000,039,360 | ---- | C] () -- C:\WINDOWS\System32\bugreport.dll
[2007/10/12 21:00:35 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\usrgfil.dll
[2007/10/11 21:55:30 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\usrfil.dll
[2007/09/29 12:15:51 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI
[2007/09/29 12:15:11 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/09/29 12:15:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2007/09/29 12:15:09 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2007/09/29 12:15:09 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2007/08/07 03:52:31 | 000,158,856 | ---- | C] () -- C:\WINDOWS\System32\pxyfil.dll
[2007/04/24 18:13:30 | 000,014,412 | ---- | C] () -- C:\WINDOWS\System32\tafil.dll
[2007/04/24 18:13:30 | 000,006,830 | ---- | C] () -- C:\WINDOWS\System32\swfil.dll
[2007/04/24 18:13:30 | 000,005,394 | ---- | C] () -- C:\WINDOWS\System32\wrestfil.dll
[2007/04/24 18:13:30 | 000,002,164 | ---- | C] () -- C:\WINDOWS\System32\wzfil.dll
[2007/04/24 18:13:30 | 000,001,656 | ---- | C] () -- C:\WINDOWS\System32\tapfil.dll
[2007/04/24 18:13:29 | 000,022,384 | ---- | C] () -- C:\WINDOWS\System32\perfil.dll
[2007/04/24 18:13:29 | 000,017,672 | ---- | C] () -- C:\WINDOWS\System32\nvgamfil.dll
[2007/04/24 18:13:29 | 000,016,732 | ---- | C] () -- C:\WINDOWS\System32\popfil.dll
[2007/04/24 18:13:29 | 000,013,112 | ---- | C] () -- C:\WINDOWS\System32\finfil.dll
[2007/04/24 18:13:29 | 000,012,486 | ---- | C] () -- C:\WINDOWS\System32\psyfil.dll
[2007/04/24 18:13:29 | 000,012,114 | ---- | C] () -- C:\WINDOWS\System32\sporfil.dll
[2007/04/24 18:13:29 | 000,011,164 | ---- | C] () -- C:\WINDOWS\System32\fmfil.dll
[2007/04/24 18:13:29 | 000,009,636 | ---- | C] () -- C:\WINDOWS\System32\gnfil.dll
[2007/04/24 18:13:29 | 000,008,652 | ---- | C] () -- C:\WINDOWS\System32\jbfil.dll
[2007/04/24 18:13:29 | 000,007,638 | ---- | C] () -- C:\WINDOWS\System32\movfil.dll
[2007/04/24 18:13:29 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\pkmon.dll
[2007/04/24 18:13:29 | 000,001,816 | ---- | C] () -- C:\WINDOWS\System32\fshrfil.dll
[2007/04/24 18:13:29 | 000,000,724 | ---- | C] () -- C:\WINDOWS\System32\spmfil.dll
[2007/04/24 18:13:29 | 000,000,670 | ---- | C] () -- C:\WINDOWS\System32\mp3fil.dll
[2007/04/24 18:13:29 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\srchfrgn.dll
[2007/04/24 18:13:29 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\igefil.dll
[2007/04/24 18:13:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\System32\nfil.dll
[2007/04/24 18:13:29 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\macfil.dll
[2007/04/24 18:13:29 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\lastupdate.dll
[2007/04/24 18:13:28 | 000,012,350 | ---- | C] () -- C:\WINDOWS\System32\entfil.dll
[2007/04/24 18:13:28 | 000,007,504 | ---- | C] () -- C:\WINDOWS\System32\auctfil.dll
[2007/04/24 18:13:28 | 000,001,790 | ---- | C] () -- C:\WINDOWS\System32\csnews.dll
[2007/04/24 18:13:28 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\bsnlst.dll
[2007/04/24 18:13:28 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\bnrfil.dll
[2007/04/04 21:08:29 | 000,095,588 | ---- | C] () -- C:\WINDOWS\System32\adwfil.dll
[2007/04/04 21:08:29 | 000,013,034 | ---- | C] () -- C:\WINDOWS\System32\gblfil.dll
[2007/04/04 21:08:29 | 000,010,862 | ---- | C] () -- C:\WINDOWS\System32\chtfil.dll
[2007/04/04 21:08:29 | 000,005,880 | ---- | C] () -- C:\WINDOWS\System32\wfileu.drv
[2007/04/04 21:08:29 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\iawfil.dll
[2007/04/04 21:08:29 | 000,004,826 | ---- | C] () -- C:\WINDOWS\System32\vgamfil.dll
[2007/04/04 21:08:29 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\hatfil.dll
[2007/04/04 21:08:29 | 000,003,818 | ---- | C] () -- C:\WINDOWS\System32\viofil.dll
[2007/04/04 21:08:29 | 000,003,444 | ---- | C] () -- C:\WINDOWS\System32\srchin.dll
[2007/04/04 21:08:29 | 000,003,360 | ---- | C] () -- C:\WINDOWS\System32\lgwfil.dll
[2007/04/04 21:08:29 | 000,001,830 | ---- | C] () -- C:\WINDOWS\System32\cultfil.dll
[2007/04/04 21:08:29 | 000,001,468 | ---- | C] () -- C:\WINDOWS\System32\gdwfil.dll
[2007/04/04 21:08:29 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\imgfil.dll
[2007/04/04 21:08:29 | 000,000,652 | ---- | C] () -- C:\WINDOWS\System32\snetfil.dll
[2007/04/04 21:08:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\bsnlst.dll
[2007/04/04 21:08:29 | 000,000,306 | ---- | C] () -- C:\WINDOWS\System32\picsfil.dll
[2007/04/04 21:08:29 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\srchout.dll
[2007/04/04 21:08:26 | 000,334,174 | ---- | C] () -- C:\WINDOWS\sqlite3.dll
[2007/01/22 14:29:08 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/01/22 14:28:56 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/22 14:26:30 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/01/22 14:25:20 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/01/22 14:25:02 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/01/22 14:23:51 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/13 15:27:44 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/01/13 15:27:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/09/28 19:45:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/13 18:56:11 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/02/25 00:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/02/16 11:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/02/16 05:50:52 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 05:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/16 05:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/16 05:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/16 05:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/16 05:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/16 05:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/15 12:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/15 12:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/15 12:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/15 12:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/15 12:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/15 12:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/15 12:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/15 12:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/15 12:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/02/15 11:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/15 11:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/15 10:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/29 00:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/24 19:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/05 18:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 19:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
< End of report >

#2 glenforder

Posted 02 July 2010 - 03:07 PM

OTL logfile created on: 7/2/2010 4:02:58 PM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.80 Gb Total Space | 4.57 Gb Free Space | 3.07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.89 Gb Total Space | 0.51 Gb Free Space | 26.99% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GLEN
Current User Name: Owner
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/03 03:45:14 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
PRC - [2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/07/02 08:42:59 | 000,288,512 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\wticuwtue\ultwsrptssd.exe
PRC - [2010/05/18 22:59:51 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2008/06/10 04:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/01/11 23:16:38 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2007/06/17 01:25:42 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/21 01:28:46 | 003,342,336 | ---- | M] (Solid Oak Software, Inc.) -- C:\WINDOWS\Cyb2k.exe
PRC - [2006/09/14 01:00:46 | 000,290,816 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe
PRC - [2006/09/14 01:00:44 | 000,950,337 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Antivirus\pccguide.exe
PRC - [2006/09/14 01:00:44 | 000,634,949 | ---- | M] (Trend Micro Incorporated.) -- C:\Program Files\Trend Micro\Antivirus\PCClient.exe
PRC - [2006/01/05 18:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2005/12/16 04:34:16 | 000,082,009 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/12/16 04:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005/12/05 16:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/11/30 16:25:22 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2005/11/28 15:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/10/06 09:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/16 15:23:12 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005/04/26 20:13:20 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/03/11 19:03:16 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (SafeList) ==========

MOD - [2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2007/04/18 12:12:23 | 002,854,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2006/08/25 12:45:56 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/10 08:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/08/10 08:00:00 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPTIP.dll
MOD - [2004/08/10 08:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004/08/10 08:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPGRMR.dll
MOD - [2002/03/03 08:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll
MOD - [2001/02/07 01:48:22 | 000,372,802 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\INK\PENUSA.DLL


========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webmail.fuse.net/
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\CNNSI, = search.sportsillustrated.cnn.com/pages/search.jsp?query=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Dictionary, = dictionary.reference.com/search?q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Google, = google.com/search?q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\GoogleGroups, = groups-beta.google.com/groups?q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\GoogleImages, = . .com/images?hl=en&lr=&q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\GoogleNews, = news.google.com/news?tab=gn&hl=en&ie=UTF-8&q=%s&btnG=Search+News
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\KB, = support.microsoft.com/search/default.aspx?query=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\KBDLL, = support.microsoft.com/dllhelp/default.aspx?dlltype=file&l=55&alpha=%s&S=1
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Movies, = fandango.com/my_box_office.asp?searchby=2&txtCityZip=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\MSN, = search.msn.com/results.asp?q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Thesaurus, = thesaurus.reference.com/search?q=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Weather, = weather.com/weather/local/%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Internet Explorer\SearchURL\Yahoo, = search.yahoo.com/search?p=%s
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 07:35:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 07:35:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/29 07:35:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/29 07:35:19 | 000,000,000 | ---D | M]

[2008/08/27 05:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/06/29 07:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions
[2010/02/14 20:51:17 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
[2010/02/16 15:55:11 | 000,000,000 | ---D | M] (Japanese-English Dictionary for rikaichan) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0}
[2009/09/10 16:00:33 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2008/09/27 06:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\moveplayer@movenetworks.com
[2009/05/30 20:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\NPDyyno@dyyno.com
[2008/08/01 10:27:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0ohy4z0m.default\extensions\SolidStateION@solidstatenetworks.com
[2010/06/29 07:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/12 02:13:32 | 000,075,184 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2007/07/10 09:18:10 | 000,069,632 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npitunes.dll

O1 HOSTS File: ([2007/03/21 15:15:09 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [C2K] C:\WINDOWS\Cyb2k.exe (Solid Oak Software, Inc.)
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe File not found
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Antivirus\pccguide.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [PCClient.exe] C:\Program Files\Trend Micro\Antivirus\PCClient.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TM Outbreak Agent] C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe (Trend Micro Incorporated.)
O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005..\Run: [ustqkdbl] C:\Documents and Settings\Owner\Local Settings\Application Data\wticuwtue\ultwsrptssd.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk = C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\System32\lspcs.dll (Solid Oak)
O15 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.68.4.10 216.68.5.10
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 11:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c6c15dba-abef-11db-b525-0018de2aeab0}\Shell - "" = AutoRun
O33 - MountPoints2\{c6c15dba-abef-11db-b525-0018de2aeab0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c6c15dba-abef-11db-b525-0018de2aeab0}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/02 15:46:26 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
[2010/07/02 15:41:19 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/07/02 15:13:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/02 15:12:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/02 15:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/02 14:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/02 14:37:26 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/07/02 08:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\wticuwtue
[2006/02/15 12:25:00 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/03 03:45:14 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTH.scr
[2010/07/03 03:20:56 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/07/03 02:20:24 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\eXplorer.exe
[2010/07/03 02:16:32 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup.exe
[2010/07/03 02:11:00 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2010/07/02 16:03:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/02 16:02:25 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/02 16:02:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/02 16:02:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/02 16:01:59 | 2137,051,136 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/02 16:01:28 | 006,815,744 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/07/02 16:01:19 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/07/02 15:13:04 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/02 15:12:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/02 14:38:02 | 007,501,620 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/07/02 14:33:50 | 000,000,770 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/02 12:26:23 | 000,000,025 | ---- | M] () -- C:\WINDOWS\liccyval.dat
[2010/07/02 12:13:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/01 11:39:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/30 18:00:00 | 000,000,558 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Owner.job
[2010/06/30 12:03:52 | 009,654,882 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ec_patch_353-356.cup
[2010/06/23 02:15:03 | 002,504,196 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\The Wallflowers - One Headlight.mp3
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/03 02:10:58 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\iExplore.exe
[2010/07/02 15:38:47 | 2137,051,136 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/02 15:13:04 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/02 14:21:00 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\eXplorer.exe
[2010/07/02 02:22:17 | 000,007,479 | RH-- | C] () -- C:\Documents and Settings\Owner\20100702.log
[2010/07/01 01:17:37 | 000,019,707 | RH-- | C] () -- C:\Documents and Settings\Owner\20100701.log
[2010/06/30 12:03:18 | 009,654,882 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ec_patch_353-356.cup
[2010/06/30 00:11:30 | 000,008,361 | RH-- | C] () -- C:\Documents and Settings\Owner\20100630.log
[2010/06/29 00:45:03 | 000,075,425 | RH-- | C] () -- C:\Documents and Settings\Owner\20100629.log
[2010/06/28 00:00:14 | 000,019,902 | RH-- | C] () -- C:\Documents and Settings\Owner\20100628.log
[2010/06/27 00:02:10 | 000,031,188 | RH-- | C] () -- C:\Documents and Settings\Owner\20100627.log
[2010/06/26 00:08:39 | 000,013,361 | RH-- | C] () -- C:\Documents and Settings\Owner\20100626.log
[2010/06/25 00:02:35 | 000,106,218 | RH-- | C] () -- C:\Documents and Settings\Owner\20100625.log
[2010/06/24 00:03:02 | 000,011,704 | RH-- | C] () -- C:\Documents and Settings\Owner\20100624.log
[2010/06/23 02:12:29 | 002,504,196 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\The Wallflowers - One Headlight.mp3
[2010/06/23 00:20:36 | 000,050,634 | RH-- | C] () -- C:\Documents and Settings\Owner\20100623.log
[2010/06/22 00:03:14 | 000,017,258 | RH-- | C] () -- C:\Documents and Settings\Owner\20100622.log
[2010/06/21 00:20:05 | 000,060,019 | RH-- | C] () -- C:\Documents and Settings\Owner\20100621.log
[2010/06/20 00:48:27 | 000,372,161 | RH-- | C] () -- C:\Documents and Settings\Owner\20100620.log
[2010/06/19 00:11:33 | 000,009,218 | RH-- | C] () -- C:\Documents and Settings\Owner\20100619.log
[2010/06/18 02:17:18 | 000,013,347 | RH-- | C] () -- C:\Documents and Settings\Owner\20100618.log
[2010/06/17 00:12:40 | 000,064,473 | RH-- | C] () -- C:\Documents and Settings\Owner\20100617.log
[2010/06/16 00:43:44 | 000,022,611 | RH-- | C] () -- C:\Documents and Settings\Owner\20100616.log
[2010/06/15 00:41:33 | 000,067,902 | RH-- | C] () -- C:\Documents and Settings\Owner\20100615.log
[2010/06/14 01:58:30 | 000,041,059 | RH-- | C] () -- C:\Documents and Settings\Owner\20100614.log
[2010/06/13 02:01:37 | 000,025,815 | RH-- | C] () -- C:\Documents and Settings\Owner\20100613.log
[2010/06/12 00:25:22 | 000,014,506 | RH-- | C] () -- C:\Documents and Settings\Owner\20100612.log
[2010/06/11 00:50:37 | 000,028,358 | RH-- | C] () -- C:\Documents and Settings\Owner\20100611.log
[2010/06/10 01:42:28 | 000,013,588 | RH-- | C] () -- C:\Documents and Settings\Owner\20100610.log
[2010/06/09 00:18:16 | 000,015,265 | RH-- | C] () -- C:\Documents and Settings\Owner\20100609.log
[2010/06/08 00:00:05 | 000,102,330 | RH-- | C] () -- C:\Documents and Settings\Owner\20100608.log
[2010/06/07 00:53:24 | 000,029,222 | RH-- | C] () -- C:\Documents and Settings\Owner\20100607.log
[2010/06/06 00:11:44 | 000,013,750 | RH-- | C] () -- C:\Documents and Settings\Owner\20100606.log
[2010/06/05 09:00:01 | 000,001,860 | RH-- | C] () -- C:\Documents and Settings\Owner\20100605.log
[2010/06/04 00:01:31 | 000,016,581 | RH-- | C] () -- C:\Documents and Settings\Owner\20100604.log
[2010/06/03 00:01:58 | 000,024,698 | RH-- | C] () -- C:\Documents and Settings\Owner\20100603.log
[2009/06/30 22:39:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TosBthSupport.dll
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/06 12:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/06 12:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/09/29 00:46:26 | 000,139,430 | ---- | C] () -- C:\WINDOWS\System32\urifil.dll
[2008/09/29 00:46:26 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\snetbonly.dll
[2008/09/29 00:46:23 | 000,039,360 | ---- | C] () -- C:\WINDOWS\System32\bugreport.dll
[2007/10/12 21:00:35 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\usrgfil.dll
[2007/10/11 21:55:30 | 000,000,036 | ---- | C] () -- C:\WINDOWS\System32\usrfil.dll
[2007/09/29 12:15:51 | 000,000,409 | ---- | C] () -- C:\WINDOWS\Trpmaker.INI
[2007/09/29 12:15:11 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/09/29 12:15:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PlugFile.dll
[2007/09/29 12:15:09 | 000,038,688 | ---- | C] () -- C:\WINDOWS\System32\LEADDIB.DRV
[2007/09/29 12:15:09 | 000,011,136 | ---- | C] () -- C:\WINDOWS\System32\FPRUN300.DLL
[2007/08/07 03:52:31 | 000,158,856 | ---- | C] () -- C:\WINDOWS\System32\pxyfil.dll
[2007/04/24 18:13:30 | 000,014,412 | ---- | C] () -- C:\WINDOWS\System32\tafil.dll
[2007/04/24 18:13:30 | 000,006,830 | ---- | C] () -- C:\WINDOWS\System32\swfil.dll
[2007/04/24 18:13:30 | 000,005,394 | ---- | C] () -- C:\WINDOWS\System32\wrestfil.dll
[2007/04/24 18:13:30 | 000,002,164 | ---- | C] () -- C:\WINDOWS\System32\wzfil.dll
[2007/04/24 18:13:30 | 000,001,656 | ---- | C] () -- C:\WINDOWS\System32\tapfil.dll
[2007/04/24 18:13:29 | 000,022,384 | ---- | C] () -- C:\WINDOWS\System32\perfil.dll
[2007/04/24 18:13:29 | 000,017,672 | ---- | C] () -- C:\WINDOWS\System32\nvgamfil.dll
[2007/04/24 18:13:29 | 000,016,732 | ---- | C] () -- C:\WINDOWS\System32\popfil.dll
[2007/04/24 18:13:29 | 000,013,112 | ---- | C] () -- C:\WINDOWS\System32\finfil.dll
[2007/04/24 18:13:29 | 000,012,486 | ---- | C] () -- C:\WINDOWS\System32\psyfil.dll
[2007/04/24 18:13:29 | 000,012,114 | ---- | C] () -- C:\WINDOWS\System32\sporfil.dll
[2007/04/24 18:13:29 | 000,011,164 | ---- | C] () -- C:\WINDOWS\System32\fmfil.dll
[2007/04/24 18:13:29 | 000,009,636 | ---- | C] () -- C:\WINDOWS\System32\gnfil.dll
[2007/04/24 18:13:29 | 000,008,652 | ---- | C] () -- C:\WINDOWS\System32\jbfil.dll
[2007/04/24 18:13:29 | 000,007,638 | ---- | C] () -- C:\WINDOWS\System32\movfil.dll
[2007/04/24 18:13:29 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\pkmon.dll
[2007/04/24 18:13:29 | 000,001,816 | ---- | C] () -- C:\WINDOWS\System32\fshrfil.dll
[2007/04/24 18:13:29 | 000,000,724 | ---- | C] () -- C:\WINDOWS\System32\spmfil.dll
[2007/04/24 18:13:29 | 000,000,670 | ---- | C] () -- C:\WINDOWS\System32\mp3fil.dll
[2007/04/24 18:13:29 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\srchfrgn.dll
[2007/04/24 18:13:29 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\igefil.dll
[2007/04/24 18:13:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\System32\nfil.dll
[2007/04/24 18:13:29 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\macfil.dll
[2007/04/24 18:13:29 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\lastupdate.dll
[2007/04/24 18:13:28 | 000,012,350 | ---- | C] () -- C:\WINDOWS\System32\entfil.dll
[2007/04/24 18:13:28 | 000,007,504 | ---- | C] () -- C:\WINDOWS\System32\auctfil.dll
[2007/04/24 18:13:28 | 000,001,790 | ---- | C] () -- C:\WINDOWS\System32\csnews.dll
[2007/04/24 18:13:28 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\bsnlst.dll
[2007/04/24 18:13:28 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\bnrfil.dll
[2007/04/04 21:08:29 | 000,095,588 | ---- | C] () -- C:\WINDOWS\System32\adwfil.dll
[2007/04/04 21:08:29 | 000,013,034 | ---- | C] () -- C:\WINDOWS\System32\gblfil.dll
[2007/04/04 21:08:29 | 000,010,862 | ---- | C] () -- C:\WINDOWS\System32\chtfil.dll
[2007/04/04 21:08:29 | 000,005,880 | ---- | C] () -- C:\WINDOWS\System32\wfileu.drv
[2007/04/04 21:08:29 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\iawfil.dll
[2007/04/04 21:08:29 | 000,004,826 | ---- | C] () -- C:\WINDOWS\System32\vgamfil.dll
[2007/04/04 21:08:29 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\hatfil.dll
[2007/04/04 21:08:29 | 000,003,818 | ---- | C] () -- C:\WINDOWS\System32\viofil.dll
[2007/04/04 21:08:29 | 000,003,444 | ---- | C] () -- C:\WINDOWS\System32\srchin.dll
[2007/04/04 21:08:29 | 000,003,360 | ---- | C] () -- C:\WINDOWS\System32\lgwfil.dll
[2007/04/04 21:08:29 | 000,001,830 | ---- | C] () -- C:\WINDOWS\System32\cultfil.dll
[2007/04/04 21:08:29 | 000,001,468 | ---- | C] () -- C:\WINDOWS\System32\gdwfil.dll
[2007/04/04 21:08:29 | 000,001,100 | ---- | C] () -- C:\WINDOWS\System32\imgfil.dll
[2007/04/04 21:08:29 | 000,000,652 | ---- | C] () -- C:\WINDOWS\System32\snetfil.dll
[2007/04/04 21:08:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\bsnlst.dll
[2007/04/04 21:08:29 | 000,000,306 | ---- | C] () -- C:\WINDOWS\System32\picsfil.dll
[2007/04/04 21:08:29 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\srchout.dll
[2007/04/04 21:08:26 | 000,334,174 | ---- | C] () -- C:\WINDOWS\sqlite3.dll
[2007/01/22 14:29:08 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/01/22 14:28:56 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/22 14:26:30 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/01/22 14:25:20 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/01/22 14:25:02 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/01/22 14:23:51 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/13 15:27:44 | 000,684,032 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/01/13 15:27:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/09/28 19:45:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/13 18:56:11 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/02/25 00:28:54 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\TDispVol.dll
[2006/02/16 11:07:58 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2006/02/16 05:50:52 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/16 05:25:21 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/02/16 05:25:21 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/02/16 05:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/02/16 05:25:21 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/02/16 05:25:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/02/16 05:25:21 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/02/15 12:41:53 | 000,036,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\CSIIDecoder_kern_i386.sys
[2006/02/15 12:41:53 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2006/02/15 12:40:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006/02/15 12:28:50 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006/02/15 12:28:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006/02/15 12:28:50 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006/02/15 12:28:50 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006/02/15 12:25:00 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2006/02/15 12:21:53 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/02/15 11:44:19 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/02/15 11:34:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/02/15 10:09:00 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/29 00:33:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/24 19:20:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/08/05 18:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 19:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
< End of report >

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,824 posts
  • Gender:Female
  • Location:Romania
  • Local time:12:49 PM

Posted 02 July 2010 - 03:22 PM

Hello there,

OTL FIX
------------
We need to run an OTL Fix
  1. Please reopen on your desktop.
  2. Copy and Paste the following code into the textbox. Do not include the word "Code"
    CODE
    :otl
    IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
    O4 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005..\Run: [ustqkdbl] C:\Documents and Settings\Owner\Local Settings\Application Data\wticuwtue\ultwsrptssd.exe ()
    O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
    O7 - HKU\S-1-5-21-150929562-2421574482-4148046166-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

    :files
    C:\Documents and Settings\Owner\Local Settings\Application Data\wticuwtue

    :commands
    [emptytemp]
  3. Push
  4. OTL may ask to reboot the machine. Please do so if asked.
  5. Click .
  6. A report will open. Copy and Paste that report in your next reply.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 Elise

Posted 02 July 2010 - 04:14 PM

Good to hear things run fine now, please let me know if you need any more help or if this can be closed.

regards, Elise


#5 Elise

Posted 07 July 2010 - 06:01 AM

Since this issue seems to be resolved, this topic will now be closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise