Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Freezing Up


  • This topic is locked This topic is locked
7 replies to this topic

#1 Bobbert

Bobbert

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 28 July 2010 - 02:49 PM

DDS

CODE
DDS (Ver_10-03-17.01) - NTFSX64  
Run by home at 15:04:42.95 on Wed 07/28/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.1918.904 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\RealVNC\VNC4\winvnc4.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Users\home\Desktop\dds (1).scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = Preserve
uStart Page = about:blank
mStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files (x86)\gamesbar\2.0.1.53\oberontb.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn toolbar\platform\4.0.0379.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files (x86)\msn toolbar\platform\4.0.0379.0\npwinext.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files (x86)\gamesbar\2.0.1.53\oberontb.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [SearchEngineProtection] c:\program files (x86)\gamesbar\SearchEngineProtection.exe
mRun: [avp] "c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\avp.exe"
mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files (x86)\gamesbar\2.0.1.53\oberontb.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll
AppInit_DLLs: c:\progra~2\kasper~1\kasper~1\mzvkbd3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\x64\ievkbd.dll
BHO-X64:     IEVkbdBHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\x64\klwtbbho.dll
BHO-X64:     link filter bho - No File
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
AppInit_DLLs-X64: avgrssta.dll
Hosts: 127.0.0.1    www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-14 40464]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-7-22 69152]
R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2010-2-16 269904]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2010-2-16 35536]
R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2010-2-16 317520]
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2009-12-4 93808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-9-14 27152]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2010-7-17 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-7-17 308136]
R2 AVP;Kaspersky Anti-Virus;c:\program files (x86)\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2009-10-20 340456]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2009-12-4 3505264]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\AAWService.exe [2010-7-12 1352832]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-4-19 1153368]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-10-16 1341256]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 21008]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-9-17 23536]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-8 1255736]

=============== Created Last 30 ================

2010-07-26 21:59:40    14336    ----a-w-    c:\windows\system32\drivers\sffp_sd.sys
2010-07-26 21:50:49    411368    ----a-w-    c:\windows\syswow64\deployJava1.dll
2010-07-26 21:50:49    153376    ----a-w-    c:\windows\syswow64\javaws.exe
2010-07-26 21:50:49    145184    ----a-w-    c:\windows\syswow64\javaw.exe
2010-07-26 21:50:49    145184    ----a-w-    c:\windows\syswow64\java.exe
2010-07-25 22:37:51    0    d-----w-    c:\programdata\GamesBar
2010-07-25 22:37:43    0    d-----w-    c:\program files (x86)\GamesBar
2010-07-25 22:37:24    0    d-----w-    c:\program files (x86)\Oberon Media
2010-07-23 02:44:03    15880    ----a-w-    c:\windows\system32\lsdelete.exe
2010-07-23 02:33:08    69152    ----a-w-    c:\windows\system32\drivers\Lbd.sys
2010-07-23 02:12:03    0    dc-h--w-    c:\programdata\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
2010-07-23 02:11:44    0    d-----w-    c:\programdata\Lavasoft
2010-07-23 02:11:44    0    d-----w-    c:\program files (x86)\Lavasoft
2010-07-22 02:33:52    149773    ----a-w-    c:\windows\system32\drivers\klin.dat
2010-07-22 02:33:52    106765    ----a-w-    c:\windows\system32\drivers\klick.dat
2010-07-22 02:24:31    0    d-----w-    c:\programdata\Kaspersky Lab
2010-07-22 02:24:31    0    d-----w-    c:\program files (x86)\Kaspersky Lab
2010-07-20 00:13:11    0    d-----w-    c:\programdata\Kaspersky Lab Setup Files
2010-07-19 23:56:45    77312    ----a-w-    c:\windows\syswow64\ztvunace26.dll
2010-07-19 23:56:45    75264    ----a-w-    c:\windows\syswow64\unacev2.dll
2010-07-19 23:56:45    69632    ----a-w-    c:\windows\syswow64\ztvcabinet.dll
2010-07-19 23:56:45    162304    ----a-w-    c:\windows\syswow64\ztvunrar36.dll
2010-07-19 23:56:45    153088    ----a-w-    c:\windows\syswow64\unrar3.dll
2010-07-19 23:56:40    0    d-----w-    c:\users\home\appdata\roaming\Simply Super Software
2010-07-17 14:56:43    13048    ----a-w-    c:\windows\system32\avgrssta.dll
2010-07-16 17:14:21    65536    --sha-w-    C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TM.blf
2010-07-16 17:14:21    65536    --sha-w-    C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TM.blf
2010-07-16 17:14:21    524288    --sha-w-    C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
2010-07-16 17:14:21    524288    --sha-w-    C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
2010-07-16 17:14:21    524288    --sha-w-    C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
2010-07-16 17:14:21    524288    --sha-w-    C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
2010-07-16 17:14:21    5120    --sha-w-    C:\ntuser.dat.LOG1
2010-07-16 17:14:21    262144    ----a-w-    C:\ntuser.dat
2010-07-16 17:14:21    0    --sha-w-    C:\ntuser.dat.LOG2
2010-07-16 01:34:10    0    d-----w-    c:\programdata\Windows Genuine Advantage
2010-07-16 01:27:05    34045896    ----a-w-    c:\windows\syswow64\MRT.exe
2010-07-15 00:20:59    144384    ----a-w-    c:\windows\system32\cdd.dll
2010-07-14 17:45:46    0    d-----w-    c:\program files (x86)\Trend Micro
2010-07-14 06:44:15    7088    ------w-    C:\bootsqm.dat
2010-07-13 22:10:05    0    d-----w-    c:\program files (x86)\ESET
2010-07-13 22:09:55    0    d--h--w-    c:\windows\AxInstSV
2010-07-12 17:13:33    0    d-----w-    c:\users\home\appdata\roaming\Malwarebytes
2010-07-12 17:13:22    24664    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-07-12 17:13:22    0    d-----w-    c:\programdata\Malwarebytes
2010-07-12 17:13:22    0    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2010-07-11 21:10:13    32584    ----a-w-    c:\windows\system32\TURegOpt.exe
2010-07-11 21:10:10    36168    ----a-w-    c:\windows\system32\uxtuneup.dll
2010-07-11 21:10:10    30024    ----a-w-    c:\windows\syswow64\uxtuneup.dll
2010-07-11 21:10:10    25928    ----a-w-    c:\windows\system32\authuitu.dll
2010-07-11 21:10:09    21320    ----a-w-    c:\windows\syswow64\authuitu.dll
2010-07-11 21:08:19    0    d-----w-    c:\program files (x86)\TuneUp Utilities 2010
2010-07-10 20:26:39    0    d-----w-    c:\program files (x86)\common files\Wise Installation Wizard
2010-07-10 15:57:09    0    d-----w-    c:\programdata\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
2010-07-10 15:56:03    0    d-----w-    c:\users\home\appdata\roaming\hpqLog
2010-07-10 15:54:30    0    d-----w-    c:\users\home\appdata\roaming\WinBatch
2010-07-10 15:51:56    0    d-----w-    c:\programdata\Recovery
2010-07-09 12:09:17    524288    --sha-w-    c:\users\home\ntuser.dat{ab7bca5d-8b52-11df-ba39-e0cb4e1dbbf6}.TMContainer00000000000000000002.regtrans-ms
2010-07-09 12:09:16    524288    --sha-w-    c:\users\home\ntuser.dat{ab7bca5d-8b52-11df-ba39-e0cb4e1dbbf6}.TMContainer00000000000000000001.regtrans-ms
2010-07-09 12:09:15    65536    --sha-w-    c:\users\home\ntuser.dat{ab7bca5d-8b52-11df-ba39-e0cb4e1dbbf6}.TM.blf
2010-07-08 23:16:29    0    d-----w-    c:\programdata\PopCap Games
2010-07-08 23:16:29    0    d-----w-    c:\program files (x86)\PopCap Games
2010-07-08 17:07:34    0    d-----w-    c:\users\home\appdata\roaming\Oberon Media
2010-07-08 17:07:17    0    d-----w-    c:\programdata\Oberon Media
2010-07-08 17:07:16    0    d-----w-    c:\program files (x86)\MSN Games
2010-07-06 21:00:26    0    d-----w-    c:\programdata\Wild Tangent
2010-07-02 22:00:40    0    d-----w-    c:\programdata\Blizzard
2010-07-01 01:09:55    0    d-----w-    c:\users\home\appdata\roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

==================== Find3M  ====================

2010-07-17 14:56:45    317520    ----a-w-    c:\windows\system32\drivers\avgtdia.sys
2010-07-17 14:56:06    269904    ----a-w-    c:\windows\system32\drivers\avgldx64.sys
2010-06-02 13:29:58    35536    ----a-w-    c:\windows\system32\drivers\avgmfx64.sys
2010-05-27 07:24:13    34304    ----a-w-    c:\windows\syswow64\atmlib.dll
2010-05-27 06:34:09    46080    ----a-w-    c:\windows\system32\atmlib.dll
2010-05-27 04:11:32    366080    ----a-w-    c:\windows\system32\atmfd.dll
2010-05-27 03:49:37    293888    ----a-w-    c:\windows\syswow64\atmfd.dll
2010-05-21 18:14:28    270208    ------w-    c:\windows\system32\MpSigStub.exe
2010-05-21 05:52:30    1192960    ----a-w-    c:\windows\system32\wininet.dll
2010-05-21 05:18:06    977920    ----a-w-    c:\windows\syswow64\wininet.dll
2010-05-21 05:14:50    48128    ----a-w-    c:\windows\syswow64\jsproxy.dll
2010-05-09 09:46:00    961024    ----a-w-    c:\windows\system32\CPFilters.dll
2010-05-09 09:45:57    552960    ----a-w-    c:\windows\system32\msdri.dll
2010-05-09 09:14:55    641536    ----a-w-    c:\windows\syswow64\CPFilters.dll
2010-05-06 12:42:05    1225216    ----a-w-    c:\windows\syswow64\urlmon.dll
2010-05-06 12:41:55    606208    ----a-w-    c:\windows\syswow64\mstime.dll
2010-05-06 12:41:53    64512    ----a-w-    c:\windows\syswow64\msfeedsbs.dll
2010-05-06 12:41:53    5970944    ----a-w-    c:\windows\syswow64\mshtml.dll
2010-05-06 12:41:49    381440    ----a-w-    c:\windows\syswow64\iedkcs32.dll
2010-05-06 12:41:49    10984448    ----a-w-    c:\windows\syswow64\ieframe.dll
2010-05-01 15:07:05    3122176    ----a-w-    c:\windows\system32\win32k.sys
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38    31548    ----a-w-    c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38    291294    ----a-w-    c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24    174    --sha-w-    c:\program files\desktop.ini
2009-07-14 04:54:24    174    --sha-w-    c:\program files (x86)\desktop.ini
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34    291294    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32    31548    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08    9633792    --sha-r-    c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53    398848    --sha-w-    c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 15:06:23.97 ===============


HijackThis Log

CODE
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:48:33 PM, on 7/28/2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\home\Desktop\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.53\oberontb.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.53\oberontb.dll
O4 - HKLM\..\Run: [avp] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.53\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.53\oberontb.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10812 bytes



Computer keeps freezing, have to reboot manually. Im running Windows 7 x64 I think. Ran every scan I possibly could, any help at all would be seriously appreciated. Thanks in advance guys!

- Bobbert

Attached Files



BC AdBot (Login to Remove)

 


#2 Bobbert

Bobbert
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 30 July 2010 - 06:01 PM

=\

EDIT: Please be patient. There are over 450 unanswered topics in this forum at present and the current average wait time to receive help is 7 days. ~BP

Edited by Budapest, 01 August 2010 - 05:56 PM.


#3 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:16 PM

Posted 07 August 2010 - 11:18 AM

Hello Bobbert

Welcome to BleepingComputer smile.gif
==========================
Hi please uninstall one of the Antivirus programs you have.
Kaspersky Internet security suite or AVG I personally would loose AVG over Kaspersky.
Reboot after doing that and see if the problem is fixed.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#4 Bobbert

Bobbert
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 13 August 2010 - 07:11 PM

Didn't work, I uninstalled both and replaced it with McAfee -- thanks to my mom. Anyway since its been awhile the computer has been a little more laggy, here is an updated HijackThis Log:

CODE
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:11:15 PM, on 8/13/2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100810183629.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10481 bytes



#5 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:16 PM

Posted 14 August 2010 - 05:48 AM

Ok I will take a deeper look see what is going on then.
  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under Custom scan's and fixes section paste in the below in bold

    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll

  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#6 Bobbert

Bobbert
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 14 August 2010 - 10:37 AM

So I was checking out my processes running and found one that takes about 1.3m K I dont remember exactly but it was something like wmpntwk it loads at 1, 250, 000 K memory which makes the computer laggy like crazy but regardless it still not the same after ending that process. Anyway here are the results of the scan

OTL. txt

OTL logfile created on: 8/14/2010 11:20:16 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.27 Gb Total Space | 237.15 Gb Free Space | 82.27% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 1.42 Gb Free Space | 14.66% Space Free | Partition Type: NTFS
Drive E: | 683.29 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-PC
Current User Name: home
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\home\Desktop\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\home\Desktop\OTL (1).exe (OldTimer Tools)
MOD - c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (bckwfs) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (Blue Coat Systems, Inc.)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2) -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe (SupportSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (bckd) -- C:\Windows\SysNative\drivers\bckd.sys (Blue Coat Systems, Inc.)
DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/22 12:34:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/06/24 13:46:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/25 23:26:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/08/12 02:31:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/10 18:36:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/02 20:01:11 | 000,000,000 | ---D | M]

[2010/08/02 19:32:37 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Mozilla\Extensions
[2010/08/02 19:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\home\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/08/02 20:02:42 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\wmdtga5e.default\extensions
[2010/08/02 20:00:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/02 19:30:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/03/07 02:02:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010/08/02 20:00:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/07/22 22:07:09 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/07/22 22:07:10 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010/05/31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2010/03/07 02:02:28 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2010/07/22 22:07:11 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2006/10/27 00:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
[2010/06/19 15:34:11 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2010/04/04 23:44:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2010/04/04 23:44:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/04/04 23:44:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/04/04 23:44:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/04/04 23:44:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/04/04 23:44:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/04/04 23:44:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2010/07/22 19:41:04 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/07/22 19:41:04 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2010/07/22 19:41:04 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/07/22 19:41:04 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2010/07/22 19:41:04 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/07/22 19:41:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/07/22 19:41:04 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/08/12 18:45:54 | 000,416,709 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14380 more lines...
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100810183629.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100810183629.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2003/09/16 16:16:49 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2003/09/15 15:05:12 | 000,151,552 | R--- | M] () - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003/07/18 12:24:36 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8acb07cf-e9a9-11de-a01a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8acb07cf-e9a9-11de-a01a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2003/09/15 15:05:12 | 000,151,552 | R--- | M] ()
O33 - MountPoints2\{da39d358-455a-11df-ab2f-e0cb4e1dbbf6}\Shell - "" = AutoRun
O33 - MountPoints2\{da39d358-455a-11df-ab2f-e0cb4e1dbbf6}\Shell\AutoRun\command - "" = F:\Arcade.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

========== Files/Folders - Created Within 30 Days ==========

[2010/08/14 11:19:50 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\home\Desktop\OTL (1).exe
[2010/08/13 17:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2010/08/11 22:51:15 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2010/08/11 22:49:21 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/11 22:48:40 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/11 22:48:40 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/11 22:48:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/11 22:48:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/11 22:48:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/11 22:48:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/11 22:48:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/11 22:48:30 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/11 22:48:08 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/11 22:48:07 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/08/11 22:48:07 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/08/10 18:20:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2010/08/10 18:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2010/08/10 18:19:55 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2010/08/10 18:19:12 | 000,440,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2010/08/10 18:19:12 | 000,279,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2010/08/10 18:19:12 | 000,189,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2010/08/10 18:19:12 | 000,093,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2010/08/10 18:19:12 | 000,075,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2010/08/10 18:19:12 | 000,062,416 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2010/08/10 18:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/08/10 18:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/08/10 18:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/08/10 18:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2010/08/10 17:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/08/02 19:24:28 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010/08/02 19:24:28 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010/08/02 19:24:28 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010/08/02 19:24:28 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010/07/30 16:09:57 | 000,000,000 | ---D | C] -- C:\Users\home\Documents\Sony PMB
[2010/07/30 16:09:57 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\Sony Corporation
[2010/07/30 15:58:59 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010/07/30 15:58:59 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010/07/30 15:58:54 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010/07/30 15:58:54 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010/07/30 15:53:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010/07/30 15:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/07/28 15:17:35 | 000,000,000 | ---D | C] -- C:\Users\home\Desktop\gmer (2)
[2010/07/26 17:50:49 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/07/26 17:50:49 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/07/26 17:50:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/07/26 17:50:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/07/25 18:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oberon Media
[2010/07/22 22:12:36 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\Sunbelt Software
[2010/07/22 22:12:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010/07/22 22:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/07/22 22:11:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2010/07/21 22:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/07/19 19:56:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2010/07/19 19:56:40 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\Simply Super Software
[2010/07/15 21:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[4 C:\Users\home\Documents\*.tmp files -> C:\Users\home\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/14 11:22:42 | 006,815,744 | -HS- | M] () -- C:\Users\home\ntuser.dat
[2010/08/14 11:19:51 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL (1).exe
[2010/08/14 11:18:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063440997-2226474314-879837972-1001UA.job
[2010/08/14 11:04:32 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063440997-2226474314-879837972-1000UA.job
[2010/08/14 10:24:09 | 000,012,996 | ---- | M] () -- C:\Users\home\Documents\Vegetarian Menu.docx
[2010/08/14 10:24:09 | 000,000,162 | -H-- | M] () -- C:\Users\home\Documents\~$getarian Menu.docx
[2010/08/14 09:41:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 09:41:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 09:36:08 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2010/08/14 09:33:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/14 09:33:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/14 09:33:34 | 1508,761,600 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/14 01:57:08 | 001,810,115 | -H-- | M] () -- C:\Users\home\AppData\Local\IconCache.db
[2010/08/13 20:05:23 | 000,002,971 | ---- | M] () -- C:\Users\home\Desktop\HiJackThis.lnk
[2010/08/13 20:04:13 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063440997-2226474314-879837972-1000Core.job
[2010/08/13 17:10:47 | 000,002,525 | ---- | M] () -- C:\Users\Public\Desktop\SpongeBob SquarePants - Battle for Bikini Bottom.lnk
[2010/08/12 18:45:54 | 000,416,709 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/08/12 12:18:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2063440997-2226474314-879837972-1001Core.job
[2010/08/11 23:00:19 | 000,432,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/10 19:05:40 | 000,002,399 | ---- | M] () -- C:\Users\home\Desktop\Google Chrome.lnk
[2010/08/10 18:21:22 | 000,000,510 | ---- | M] () -- C:\Windows\win.ini
[2010/08/09 18:44:49 | 000,414,782 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100812-184554.backup
[2010/08/09 16:22:37 | 000,014,720 | ---- | M] () -- C:\Users\home\Documents\resumeandcoverletter.docx
[2010/08/06 17:35:52 | 000,732,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/06 17:35:52 | 000,628,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/06 17:35:52 | 000,108,260 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/05 12:55:43 | 000,030,143 | ---- | M] () -- C:\Users\home\Documents\commteen.docx
[2010/08/05 00:29:21 | 000,000,162 | -H-- | M] () -- C:\Users\home\Documents\~$mmteen.docx
[2010/08/03 09:20:41 | 000,012,314 | ---- | M] () -- C:\Users\home\Documents\Resumecleaning.docx
[2010/08/02 20:48:00 | 000,414,782 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100809-184449.backup
[2010/08/02 19:51:25 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/02 19:31:12 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/02 19:24:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010/08/02 19:24:23 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/08/01 09:58:40 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForhome.job
[2010/07/31 21:57:47 | 000,000,061 | ---- | M] () -- C:\Windows\wininit.ini
[2010/07/30 15:55:20 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\PMB.lnk
[2010/07/29 23:46:54 | 000,001,319 | ---- | M] () -- C:\Users\Public\Desktop\Plants vs. Zombies.lnk
[2010/07/29 23:46:54 | 000,000,200 | ---- | M] () -- C:\Users\Public\Desktop\Play More Great Games!.url
[2010/07/29 02:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/07/28 21:03:33 | 000,013,040 | ---- | M] () -- C:\Users\home\Documents\Peer Work Group Evaluation Forms.docx
[2010/07/28 20:52:21 | 000,007,742 | ---- | M] () -- C:\Users\home\Documents\peer2.pdf
[2010/07/28 15:17:04 | 000,284,915 | ---- | M] () -- C:\Users\home\Desktop\gmer (2).zip
[2010/07/28 15:03:57 | 000,525,824 | ---- | M] () -- C:\Users\home\Desktop\dds (1).scr
[2010/07/28 14:58:52 | 000,001,211 | ---- | M] () -- C:\Users\home\Desktop\cmd.exe.lnk
[2010/07/25 23:13:47 | 000,012,882 | ---- | M] () -- C:\Users\home\Documents\resume.docx
[2010/07/25 23:05:37 | 000,012,132 | ---- | M] () -- C:\Users\home\Documents\Position.docx
[2010/07/25 18:38:59 | 000,001,160 | ---- | M] () -- C:\Users\home\Desktop\Pogo Games.lnk
[2010/07/25 18:38:58 | 000,002,051 | ---- | M] () -- C:\Users\home\Desktop\Chuzzle.lnk
[2010/07/23 22:39:45 | 000,414,782 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100802-204800.backup
[2010/07/23 22:38:46 | 000,414,782 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100723-223945.backup
[2010/07/19 18:00:00 | 000,412,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100723-223846.backup
[2010/07/18 22:20:01 | 000,412,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100719-180000.backup
[2010/07/16 22:01:57 | 000,412,182 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100718-222001.backup
[2010/07/16 21:08:51 | 000,001,264 | ---- | M] () -- C:\Users\home\Desktop\Spybot - Search & Destroy.lnk
[2010/07/16 13:14:22 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/07/16 13:14:22 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:22 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2010/07/16 13:14:22 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[2010/07/16 13:14:21 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/07/16 13:14:21 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:21 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[4 C:\Users\home\Documents\*.tmp files -> C:\Users\home\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/14 10:24:09 | 000,000,162 | -H-- | C] () -- C:\Users\home\Documents\~$getarian Menu.docx
[2010/08/14 10:24:05 | 000,012,996 | ---- | C] () -- C:\Users\home\Documents\Vegetarian Menu.docx
[2010/08/13 17:10:47 | 000,002,525 | ---- | C] () -- C:\Users\Public\Desktop\SpongeBob SquarePants - Battle for Bikini Bottom.lnk
[2010/08/10 18:21:35 | 000,001,834 | ---- | C] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2010/08/05 00:29:21 | 000,000,162 | -H-- | C] () -- C:\Users\home\Documents\~$mmteen.docx
[2010/08/04 23:14:01 | 000,030,143 | ---- | C] () -- C:\Users\home\Documents\commteen.docx
[2010/08/03 09:29:56 | 000,014,720 | ---- | C] () -- C:\Users\home\Documents\resumeandcoverletter.docx
[2010/08/03 09:20:39 | 000,012,314 | ---- | C] () -- C:\Users\home\Documents\Resumecleaning.docx
[2010/08/02 19:31:12 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/31 21:57:47 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini
[2010/07/30 15:55:20 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\PMB.lnk
[2010/07/28 21:01:48 | 000,013,040 | ---- | C] () -- C:\Users\home\Documents\Peer Work Group Evaluation Forms.docx
[2010/07/28 20:52:21 | 000,007,742 | ---- | C] () -- C:\Users\home\Documents\peer2.pdf
[2010/07/28 15:17:04 | 000,284,915 | ---- | C] () -- C:\Users\home\Desktop\gmer (2).zip
[2010/07/28 15:03:57 | 000,525,824 | ---- | C] () -- C:\Users\home\Desktop\dds (1).scr
[2010/07/28 14:58:49 | 000,001,211 | ---- | C] () -- C:\Users\home\Desktop\cmd.exe.lnk
[2010/07/25 23:05:30 | 000,012,132 | ---- | C] () -- C:\Users\home\Documents\Position.docx
[2010/07/25 18:38:59 | 000,001,160 | ---- | C] () -- C:\Users\home\Desktop\Pogo Games.lnk
[2010/07/25 18:38:58 | 000,002,051 | ---- | C] () -- C:\Users\home\Desktop\Chuzzle.lnk
[2010/07/19 19:56:45 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2010/07/19 19:56:45 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2010/07/19 19:56:45 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2010/07/19 19:56:45 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2010/07/16 21:08:51 | 000,001,264 | ---- | C] () -- C:\Users\home\Desktop\Spybot - Search & Destroy.lnk
[2010/07/16 13:14:21 | 000,524,288 | -HS- | C] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/07/16 13:14:21 | 000,524,288 | -HS- | C] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:21 | 000,524,288 | -HS- | C] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/07/16 13:14:21 | 000,524,288 | -HS- | C] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:21 | 000,262,144 | ---- | C] () -- C:\ntuser.dat
[2010/07/16 13:14:21 | 000,065,536 | -HS- | C] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[2010/07/16 13:14:21 | 000,065,536 | -HS- | C] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[2010/05/06 15:36:23 | 000,000,000 | ---- | C] () -- C:\Windows\Setup32.INI
[2010/04/09 16:12:51 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\FoxImager.dll
[2009/09/29 19:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/30 21:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/06/30 21:09:55 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/10 10:35:32 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\funkitron
[2010/02/14 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\GOL_byHasbro
[2010/02/22 18:15:01 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\HorizonWimba
[2010/06/05 20:39:44 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\LEGO Company
[2010/02/28 22:55:56 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Nikon
[2010/07/28 15:57:31 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Oberon Media
[2010/02/14 01:31:15 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\PictureMover
[2010/02/15 12:48:26 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\PlayFirst
[2010/07/09 21:32:43 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\PrimoPDF
[2010/06/27 10:09:55 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\SBTT
[2010/07/19 21:16:46 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Simply Super Software
[2010/02/16 23:28:06 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Template
[2010/02/15 19:16:25 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Tific
[2010/03/30 09:17:16 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\TuneUp Software
[2010/04/28 19:35:16 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Unity
[2010/02/14 01:33:43 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\WildTangent
[2010/07/10 11:54:30 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\WinBatch
[2010/08/05 09:13:18 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/08/02 20:22:44 | 000,017,692 | ---- | M] () -- C:\aaw7boot.log
[2010/07/10 12:12:28 | 000,000,125 | ---- | M] () -- C:\FINIS_IT.TXT
[2010/08/14 09:33:34 | 1508,761,600 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/12 18:45:35 | 006,250,002 | ---- | M] () -- C:\immudebug.log
[2006/12/02 03:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/02/16 14:33:57 | 000,000,826 | ---- | M] () -- C:\net_save.dna
[2010/07/16 13:14:22 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2010/07/16 13:14:22 | 000,005,120 | -HS- | M] () -- C:\ntuser.dat.LOG1
[2010/07/16 13:14:21 | 000,000,000 | -HS- | M] () -- C:\ntuser.dat.LOG2
[2010/07/16 13:14:21 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[2010/07/16 13:14:21 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:21 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305a-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/07/16 13:14:22 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TM.blf
[2010/07/16 13:14:22 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000001.regtrans-ms
[2010/07/16 13:14:22 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{9034305e-90f9-11df-9f6f-ccdf69f58418}.TMContainer00000000000000000002.regtrans-ms
[2010/08/14 11:13:00 | 2807,554,048 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:4BB26BE9
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:10151AE6
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:38673444
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3F95A98
< End of report >
[/code]

Extras.txt

[code=auto:0]OTL Extras logfile created on: 8/14/2010 11:20:16 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 64.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.27 Gb Total Space | 237.15 Gb Free Space | 82.27% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 1.42 Gb Free Space | 14.66% Space Free | Partition Type: NTFS
Drive E: | 683.29 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-PC
Current User Name: home
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\home\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{175731F3-444F-45C3-960B-62692C78E539}" = K9 Web Protection
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{80D3CFFD-4CB5-47A1-8779-11A720A9ADB2}" = HP Deskjet D2600 Printer Driver Software 13.0 Rel .5
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CA4AF936-3312-4AF4-A191-527531490DCD}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"RealVNC_is1" = VNC Enterprise Edition E4.5.1
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{203E564A-51E6-44E5-9DF9-8D0AD66E401D}" = DJ_SF_05_D2600_Software_Min
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{775290AD-C54E-418C-9564-A10836F42C1C}" = D2600
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A7E6A962-C086-47E3-BAEC-9C84AF292820}" = SpongeBob SquarePants - Battle for Bikini Bottom
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ClueFinders 5th Grade Adventures" = ClueFinders 5th Grade Adventures
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"Disney Toontown Online" = Disney Toontown Online
"HijackThis" = HijackThis 2.0.2
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Konami Arcade" = Konami Arcade 1.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee AntiVirus Plus
"New LEGO Digital Designer" = LEGO Digital Designer
"Plants vs. Zombies" = Plants vs. Zombies
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"TuneUp Utilities" = TuneUp Utilities
"ULTIMATER" = Microsoft Office Ultimate 2007
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/7/2010 8:18:35 PM | Computer Name = home-PC | Source = VSS | ID = 13
Description =

Error - 8/7/2010 8:18:36 PM | Computer Name = home-PC | Source = VSS | ID = 8193
Description =

Error - 8/7/2010 8:18:36 PM | Computer Name = home-PC | Source = VSS | ID = 13
Description =

Error - 8/7/2010 8:18:36 PM | Computer Name = home-PC | Source = VSS | ID = 8193
Description =

Error - 8/7/2010 11:05:12 PM | Computer Name = home-PC | Source = SDWinSec.exe | ID = 0
Description =

Error - 8/8/2010 9:41:57 AM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 8/8/2010 12:43:36 PM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/8/2010 8:03:11 PM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15787

Error - 8/8/2010 8:03:11 PM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15787

Error - 8/8/2010 8:19:48 PM | Computer Name = home-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ Hewlett-Packard Events ]
Error - 2/21/2010 11:55:21 PM | Computer Name = home-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 2/21/2010 11:55:22 PM | Computer Name = home-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/18/2010 4:18:46 PM | Computer Name = home-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/18/2010 4:18:47 PM | Computer Name = home-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 5/7/2010 7:45:51 AM | Computer Name = home-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

[ Media Center Events ]
Error - 5/30/2010 8:49:51 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 8:49:51 AM - Error connecting to the internet. 8:49:51 AM - Unable
to contact server..

Error - 5/30/2010 8:50:04 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 8:49:56 AM - Error connecting to the internet. 8:49:56 AM - Unable
to contact server..

Error - 5/30/2010 9:50:08 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 9:50:08 AM - Error connecting to the internet. 9:50:08 AM - Unable
to contact server..

Error - 5/30/2010 9:50:14 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 9:50:13 AM - Error connecting to the internet. 9:50:13 AM - Unable
to contact server..

Error - 5/30/2010 10:50:19 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 10:50:19 AM - Error connecting to the internet. 10:50:19 AM - Unable
to contact server..

Error - 5/30/2010 10:50:25 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 10:50:24 AM - Error connecting to the internet. 10:50:24 AM - Unable
to contact server..

Error - 5/30/2010 11:50:30 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 11:50:30 AM - Error connecting to the internet. 11:50:30 AM - Unable
to contact server..

Error - 5/30/2010 11:50:36 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 11:50:35 AM - Error connecting to the internet. 11:50:35 AM - Unable
to contact server..

Error - 7/9/2010 8:41:39 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 8:41:39 PM - Error connecting to the internet. 8:41:39 PM - Unable
to contact server..

Error - 7/9/2010 8:41:50 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = 8:41:44 PM - Error connecting to the internet. 8:41:44 PM - Unable
to contact server..

[ System Events ]
Error - 6/10/2010 2:31:52 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7000
Description = The Power service failed to start due to the following error: %%3

Error - 6/11/2010 7:28:28 AM | Computer Name = home-PC | Source = DCOM | ID = 10010
Description =

Error - 6/13/2010 2:09:47 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 6/13/2010 2:09:47 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the lmhosts service.

Error - 6/13/2010 2:14:14 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 6/13/2010 3:39:08 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 6/14/2010 12:01:48 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 6/14/2010 3:52:14 PM | Computer Name = home-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:50:47 PM on ?6/?14/?2010 was unexpected.

Error - 6/14/2010 6:38:38 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 6/14/2010 7:12:21 PM | Computer Name = home-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.


< End of report >

#7 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:16 PM

Posted 14 August 2010 - 11:08 AM

Kaspersky did not uninstall completely.
Please visit this web page > http://support.kaspersky.com/faq/?qid=208279463 and run the removal tool reboot and see if it is any better.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#8 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:16 PM

Posted 22 November 2010 - 07:10 PM

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users