
My computer keeps crashing, and won't let me log back on for a while


  • This topic is locked
7 replies to this topic

#1 kdr1080

kdr1080

  • Members
  • 3 posts
  • OFFLINE
  • Local time:05:10 AM

Posted 05 September 2010 - 02:00 PM

My computer crashes frequently, and won't let me log on for a long time. It was serviced last year or so for the fan heating up. So I've just bought another cool pad, and still it crashes. Since I bought the chill pad the day before yesterday, it has crashed a total of 5 times. So I spray the fan with cleaner duster, 'cause it's cold, and it usually lets me log right back on. But last night even this fix didn't work. I hope someone out there knows how I can fix it.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/5/2008 1:52:34 PM
System Uptime: 9/4/2010 9:42:46 PM (6 hours ago)

Motherboard: Quanta | | 30CF
Processor: AMD Athlon™ 64 X2 Dual-Core Processor TK-57 | Socket S1 | 1600/200mhz

==== Disk Partitions =========================

Plus I used the DeFogger thingy to disable my CD

C: is FIXED (NTFS) - 137 GiB total, 20.674 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.361 GiB free.
E: is CDROM (UDF)
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Adobe Shockwave Player
Adobe Shockwave Player 11.5
American National
Atheros Driver Installation Program
Bejeweled Blitz
Cards_Calendar_OrderGift_DoMorePlugout
Cobian Backup 10
Conexant HD Audio
DVD Suite
EA Link
Eclipse Illustration Software
Encoder Pro v5.4.1
EPSON Scan
EPSON Stylus NX400 Series Printer Uninstall
ESU for Microsoft Vista
ForeSight
Free Ride Games Player
GoToMeeting 4.5.0.457
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Games
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Smart Web Printing 4.60
HP Total Care Advisor
HP Update
HP User Guides 0087
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
IC Solutions
IDM Flash 4.4.0.468
IIS 15.1
ING Presents
Ingram Media Manager
Java Auto Updater
Java™ 6 Update 2
Java™ 6 Update 20
Jewel Quest Mysteries 2 Trail of the Midnight Heart
Lexmark 2600 Series
Lexmark Fax Solutions
LPES Desktop - ANICO
LPES Desktop - ASR
Medical Terminology for Health Professions
MessageMagic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Calculator Plus
Microsoft Office 2000 Professional
Microsoft Office 2003 Web Components
Microsoft Office Access Runtime (English) 2007
Microsoft Security Essentials
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Native Client
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
MOSS v2.0
MSCU for Microsoft Vista
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NBC Direct
NetLibrary Download Manager
NetLibrary Media Center
NVIDIA Drivers
OGA Notifier 2.0.0048.0
PdaNet for Windows Mobile 2.0
PSSWCORE
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Skype™ 4.2
SmartWebPrinting
Synaptics Pointing Device Driver
The Anthem Blue Cross Agent Assistant
the InsMark Datafile Update
TypingMaster Pro
Uniblue RegistryBooster
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
VLC media player 1.0.1
Vuze
Vuze_Remote Toolbar
Wealth Preservation Video
WeatherBug Gadget
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002)
Windows Live ID Sign-in Assistant
Windows Media Player Firefox Plugin

==== End Of File ===========================



DDS (Ver_10-03-17.01) - NTFSx86
Run by Kim at 3:43:31.71 on Sun 09/05/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.757 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\lxdncoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files\PopCap Games\Bejeweled Blitz\BejBlitz.exe
C:\ProgramData\PopCap Games\BejeweledBlitz\popcapgame1.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Cobian Backup 10\cbVSCService.exe
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Kim\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Unknown&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Unknown&pf=laptop
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRun: [Cobian Backup 10] "c:\program files\cobian backup 10\Cobian.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: experienceretirement.com\www
Trusted Zone: investprogram.com\www
Trusted Zone: nationallife.com\www
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\message magic\messagemagic\Skype4COM.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 X4HSEx;X4HSEx;c:\program files\free ride games\X4HSEx.sys [2010-9-4 56352]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
R3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2010-3-24 9472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 qrkis;Tether Miniport;c:\windows\system32\drivers\qrkis.sys [2010-3-16 45608]

=============== Created Last 30 ================

2010-09-05 10:39:13 0 -c--a-w- c:\users\kim\defogger_reenable
2010-09-05 10:31:51 0 dc----w- C:\c 2010-09-05 03;31;51
2010-09-05 10:04:59 0 dc----w- c:\program files\Cobian Backup 10
2010-09-04 23:24:36 0 dc----w- c:\windows\pss
2010-09-04 23:20:17 65536 -c--a-w- c:\windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
2010-09-04 23:20:17 196608 -c--a-w- c:\windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
2010-09-04 23:20:16 3276800 -c--a-w- c:\windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
2010-09-04 23:20:10 0 dc----w- c:\program files\Microsoft ATS
2010-09-04 22:58:37 0 dc----w- c:\users\kim\appdata\roaming\Uniblue
2010-09-04 22:58:29 0 dc----w- c:\program files\Uniblue
2010-09-04 20:26:43 17542 -c----w- c:\windows\FRGN.ico
2010-09-04 20:26:42 64 -c--a-w- c:\windows\GPlrLanc.dat
2010-09-04 20:26:38 0 dc----w- C:\Remote Programs
2010-09-04 20:26:35 0 dc----w- c:\programdata\Free Ride Games
2010-09-04 20:26:28 53314 -c----w- c:\windows\ExentInfo.exe
2010-09-04 20:26:23 0 dc----w- c:\program files\Free Ride Games
2010-09-01 18:29:46 0 dc----w- c:\program files\Microsoft Security Essentials
2010-08-31 19:11:52 0 dc----w- c:\users\kim\appdata\roaming\Message Magic
2010-08-31 18:42:59 0 dc----w- c:\program files\Message Magic
2010-08-31 03:49:07 0 dc----w- c:\users\kim\appdata\roaming\FaxCtr
2010-08-23 22:47:38 0 dc----w- c:\users\kim\appdata\roaming\Lexmark Productivity Studio
2010-08-23 22:38:36 45056 -c--a-w- c:\windows\system32\LXF3PMON.DLL
2010-08-23 22:38:36 32768 -c--a-w- c:\windows\system32\LXF3FXPU.DLL
2010-08-23 22:38:15 98345 -c--a-w- c:\windows\system32\IMHOST32.DLL
2010-08-23 22:38:15 53248 -c--a-w- c:\windows\system32\lxf3oem.dll
2010-08-23 22:38:15 49152 -c--a-w- c:\windows\system32\IM31IMG.DIL
2010-08-23 22:38:15 12288 -c--a-w- c:\windows\system32\LXF3PMRC.DLL
2010-08-23 22:38:04 0 dc----w- c:\programdata\FaxCtr
2010-08-23 22:37:40 0 dc----w- c:\program files\Lexmark Fax Solutions
2010-08-23 22:33:25 0 dc----w- c:\program files\Abbyy FineReader 6.0 Sprint
2010-08-23 22:26:40 1645320 -c--a-w- c:\windows\system32\gdiplus.dll
2010-08-23 22:25:29 17064 -c--a-w- c:\windows\system32\lxdnwupd.exe
2010-08-23 22:25:29 102400 -c--a-w- c:\windows\system32\lxdnwupd.dll
2010-08-23 22:25:25 44 -c--a-w- c:\windows\system32\lxdnrwrd.ini
2010-08-23 22:23:36 0 dc----w- c:\program files\Lexmark 2600 Series
2010-08-16 18:50:47 173056 -c--a-w- c:\windows\system32\Vpmsdl32.dll
2010-08-16 18:50:44 361384 -c--a-w- c:\windows\system32\SigPlus.ocx
2010-08-16 18:50:12 0 dc----w- c:\users\kim\appdata\roaming\WinFlex 6
2010-08-16 18:49:15 602112 -c----w- c:\windows\system32\ULEngine.dll
2010-08-16 18:49:07 33 -c--a-w- c:\windows\Utdsysap.ini
2010-08-16 18:49:07 101 -c--a-w- c:\windows\applink.ini
2010-08-16 18:48:53 0 dc----w- C:\WinFlex6
2010-08-16 18:48:47 0 -c--a-w- c:\windows\tmp.ini
2010-08-16 18:48:46 306688 -c--a-w- c:\windows\IsUninst.exe
2010-08-15 01:47:25 0 dc----w- c:\program files\common files\InterlinkElectronics
2010-08-15 01:47:20 0 dc----w- c:\program files\common files\Fipsco Shared
2010-08-15 01:45:03 0 dc----w- c:\program files\common files\Software FX Shared
2010-08-14 23:35:18 0 dc----w- c:\program files\Microsoft SQL Server Compact Edition
2010-08-14 07:03:52 0 dc----w- c:\programdata\Allstate
2010-08-14 07:03:52 0 dc----w- c:\program files\Allstate
2010-08-13 04:23:00 0 dc----w- c:\program files\PopCap Games
2010-08-13 02:28:01 766 -c--a-w- c:\windows\system32\ALICON.ico
2010-08-13 02:14:17 0 dc----w- c:\program files\common files\Insurance Technologies
2010-08-13 02:14:14 0 dc----w- c:\program files\common files\Datadynamics
2010-08-13 02:13:57 200496 -c--a-w- c:\windows\system32\Dblist32.ocx
2010-08-13 02:13:57 165648 -c--a-w- c:\windows\system32\Mstext35.dll
2010-08-13 02:13:54 415504 -c--a-w- c:\windows\system32\Msrepl35.dll
2010-08-13 02:13:54 123664 -c--a-w- c:\windows\system32\Msjint35.dll
2010-08-13 02:13:53 252176 -c--a-w- c:\windows\system32\Msrd2x35.dll
2010-08-13 02:13:53 24848 -c--a-w- c:\windows\system32\Msjter35.dll
2010-08-13 02:13:53 1046288 -c--a-w- c:\windows\system32\Msjet35.dll
2010-08-13 02:13:51 0 dc----w- c:\program files\ForeSight
2010-08-13 02:08:05 0 dc----w- c:\windows\system32\URTTEMP
2010-08-12 04:04:58 302080 -c--a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 04:04:58 144896 -c--a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 04:04:55 905088 -c--a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-11 23:54:11 0 dc----w- c:\program files\Bing Bar Installer
2010-08-10 00:09:11 71680 -c--a-w- c:\windows\system32\escwiad.dll
2010-08-10 00:09:03 0 dc----w- c:\program files\epson
2010-08-09 23:48:54 86528 -c--a-w- c:\windows\system32\E_FLBEGA.DLL
2010-08-09 23:48:52 78848 -c--a-w- c:\windows\system32\E_FD4BEGA.DLL
2010-08-09 23:48:30 0 dc----w- c:\programdata\EPSON

==================== Find3M ====================

2010-09-03 08:55:48 253909 -c--a-w- c:\programdata\nvModes.dat
2010-08-23 22:52:32 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-23 22:52:32 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-08-23 22:52:23 143360 ----a-w- c:\windows\inf\infstor.dat
2010-08-23 21:30:25 1226 -c--a-w- c:\users\kim\appdata\roaming\wklnhst.dat
2010-06-26 06:05:49 916480 -c--a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02:15 71680 -c--a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02:15 109056 -c--a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25:02 133632 -c--a-w- c:\windows\system32\ieUnatt.exe
2010-06-24 23:58:18 72080 -c--a-w- c:\users\kim\g2mdlhlpx.exe
2010-06-21 13:37:03 2037760 -c--a-w- c:\windows\system32\win32k.sys
2010-06-18 17:31:29 36864 -c--a-w- c:\windows\system32\rtutils.dll
2010-06-11 16:16:20 274944 -c--a-w- c:\windows\system32\schannel.dll
2010-06-11 16:15:06 1248768 -c--a-w- c:\windows\system32\msxml3.dll
2010-06-08 17:35:04 3548040 -c--a-w- c:\windows\system32\ntoskrnl.exe
2010-06-08 17:35:03 3600768 -c--a-w- c:\windows\system32\ntkrnlpa.exe
2010-01-09 09:44:02 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-30 18:54:51 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 -c--a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 -c--a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 -c--a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 -c--a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 -c--a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 -c--a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 -c--a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 -c--a-w- c:\windows\inf\perflib\0000\perfc.dat
1998-12-09 09:53:54 99840 -c--a-w- c:\program files\common files\IRAABOUT.DLL
1998-12-09 09:53:54 70144 -c--a-w- c:\program files\common files\IRAMDMTR.DLL
1998-12-09 09:53:54 48640 -c--a-w- c:\program files\common files\IRALPTTR.DLL
1998-12-09 09:53:54 31744 -c--a-w- c:\program files\common files\IRAWEBTR.DLL
1998-12-09 09:53:54 186368 -c--a-w- c:\program files\common files\IRAREG.DLL
1998-12-09 09:53:54 17920 -c--a-w- c:\program files\common files\IRASRIAL.DLL
2010-01-30 02:36:41 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 3:45:49.63 ===============





Attached Files

  • Attached File  ark.txt   15.29KB   1 downloads



 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,824 posts
  • OFFLINE
  • Gender:Female
  • Location:Romania
  • Local time:01:10 PM

Posted 13 September 2010 - 04:26 AM

Hello,
And welcome to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note - you may get this warning; it is OK, just ignore it: "Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


-------------------------------------------------------------
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#3 kdr1080

kdr1080
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:05:10 AM

Posted 13 September 2010 - 12:30 PM

Thanks Elise for getting back to me,
Here is the info you asked for. My computer seems to have an overheating problem, but I got a chill pad for it and it still shuts down frequently, and will not let me back on for a while.




OTL logfile created on: 9/13/2010 10:07:32 AM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\Kim\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.12 Gb Total Space | 17.60 Gb Free Space | 12.84% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 1.50 Gb Free Space | 12.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.45 Gb Total Space | 4.47 Gb Free Space | 59.96% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIM-PC
Current User Name: Kim
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/13 10:06:20 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
PRC - [2010/09/13 10:01:35 | 004,146,552 | -H-- | M] () -- C:\ProgramData\PopCap Games\BejeweledBlitz\popcapgame1.exe
PRC - [2010/07/13 10:53:20 | 003,152,384 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 10\cbInterface.exe
PRC - [2010/07/13 10:53:18 | 000,421,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 10\Cobian.exe
PRC - [2010/07/13 10:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe
PRC - [2010/06/28 17:30:50 | 001,833,224 | ---- | M] () -- C:\Program Files\PopCap Games\Bejeweled Blitz\BejBlitz.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/27 16:07:26 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\System32\lxdncoms.exe


========== Modules (SafeList) ==========

MOD - [2010/09/13 10:06:20 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 00:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/07/13 10:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/02/27 16:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wlusb51.sys -- (WLAN3DSPUSBXP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kim\AppData\Local\Temp\vdsdk.sys -- (VDSDK)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\BlueToothUsb_vst.sys -- (BlueToothUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/03/10 21:02:38 | 000,056,352 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Free Ride Games\X4HSEx.sys -- (X4HSEx)
DRV - [2009/10/16 09:22:58 | 000,045,608 | ---- | M] (Tether) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\qrkis.sys -- (qrkis)
DRV - [2009/04/10 21:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/04 03:42:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/15 01:50:56 | 000,191,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/09/09 15:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/11 11:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/07/10 07:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 04:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 04:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 16:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/03/21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 19:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 14:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/11/02 00:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/10/18 19:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/09/28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\pnetmdm.sys -- (pnetmdm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\flashplugin@idm: C:\Users\Kim\AppData\Roaming\IDM\bin\flash [2010/08/06 22:01:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/14 22:33:19 | 000,000,000 | ---D | M]

[2010/08/31 11:37:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 22:44:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/03 16:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: ([2010/04/19 21:37:42 | 000,000,792 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - HKU\.DEFAULT..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-18..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000..\Run: [Cobian Backup 10] C:\Program Files\Cobian Backup 10\Cobian.exe (Luis Cobian, CobianSoft)
O4 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..Trusted Domains: experienceretirement.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..Trusted Domains: investprogram.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..Trusted Domains: nationallife.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Message Magic\MessageMagic\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2689289883-589722038-3047934647-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPRadiance.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/05 21:36:21 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/09/13 10:06:09 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
[2010/09/12 22:01:07 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\Downloads
[2010/09/08 10:07:54 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/09/08 09:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/09/08 04:21:04 | 000,000,000 | ---D | C] -- C:\c 2010-09-08 04;21;04
[2010/09/07 19:19:39 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\Cengage Delmar Learning
[2010/09/05 03:54:21 | 000,093,056 | ---- | C] (GMER) -- C:\uwldqpow.sys
[2010/09/05 03:31:51 | 000,000,000 | ---D | C] -- C:\c 2010-09-05 03;31;51
[2010/09/05 03:06:28 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Safe mirror
[2010/09/05 03:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Cobian Backup 10
[2010/09/04 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\ElevatedDiagnostics
[2010/09/04 16:24:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/09/04 16:22:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/09/04 16:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2010/09/04 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Uniblue
[2010/09/04 15:49:22 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\ABBYY
[2010/09/04 13:26:38 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2010/09/04 13:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games
[2010/09/04 13:26:28 | 000,053,314 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/09/04 13:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games
[2010/09/02 09:28:59 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\GTek
[2010/09/01 11:29:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/08/31 12:11:52 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Message Magic
[2010/08/31 11:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Message Magic
[2010/08/30 20:49:07 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\FaxCtr
[2010/08/23 15:47:38 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Lexmark Productivity Studio
[2010/08/23 15:38:15 | 000,098,345 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMHOST32.DLL
[2010/08/23 15:38:15 | 000,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31IMG.DIL
[2010/08/23 15:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
[2010/08/23 15:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Fax Solutions
[2010/08/23 15:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2010/08/23 15:24:09 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll
[2010/08/23 15:24:09 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll
[2010/08/23 15:24:09 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll
[2010/08/23 15:24:08 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll
[2010/08/23 15:24:08 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll
[2010/08/23 15:24:07 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll
[2010/08/23 15:24:06 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll
[2010/08/23 15:24:06 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll
[2010/08/23 15:24:05 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll
[2010/08/23 15:24:05 | 000,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe
[2010/08/23 15:24:03 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe
[2010/08/23 15:24:02 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll
[2010/08/23 15:24:02 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll
[2010/08/23 15:24:02 | 000,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe
[2010/08/23 15:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 2600 Series
[2010/08/16 11:50:47 | 000,173,056 | ---- | C] (CSC SoftwareConsult GmbH & Co. OHG) -- C:\Windows\System32\Vpmsdl32.dll
[2010/08/16 11:50:44 | 000,361,384 | ---- | C] (DSSoft.com) -- C:\Windows\System32\SigPlus.ocx
[2010/08/16 11:50:12 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\WinFlex 6
[2010/08/16 11:49:15 | 000,602,112 | ---- | C] (FIPSCO) -- C:\Windows\System32\ULEngine.dll
[2010/08/16 11:48:53 | 000,000,000 | ---D | C] -- C:\WinFlex6
[2010/08/14 18:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterlinkElectronics
[2010/08/14 18:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Fipsco Shared
[2010/08/14 18:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software FX Shared
[2010/08/14 18:45:03 | 000,000,000 | ---D | C] -- C:\Fiserv Life Portraits
[2010/08/14 18:45:02 | 000,339,968 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\imgman32.dll
[2010/08/14 18:45:02 | 000,098,304 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xpng.del
[2010/08/14 18:45:02 | 000,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xtif.del
[2010/08/14 18:45:02 | 000,057,344 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xpcx.del
[2010/08/14 18:45:01 | 000,159,744 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31jpg.dil
[2010/08/14 18:45:01 | 000,122,880 | ---- | C] (Informatics, Inc.) -- C:\Windows\System32\bcxl32.dll
[2010/08/14 18:45:01 | 000,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31png.dil
[2010/08/14 18:45:01 | 000,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31eps.dil
[2010/08/14 18:45:01 | 000,061,440 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xeps.del
[2010/08/14 18:45:01 | 000,057,344 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xdcx.del
[2010/08/14 18:45:01 | 000,053,248 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31wmf.dil
[2010/08/14 18:45:01 | 000,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31xbmp.del
[2010/08/14 18:45:00 | 000,244,224 | ---- | C] (Informatics, Inc.) -- C:\Windows\System32\bcdr32.dll
[2010/08/14 18:45:00 | 000,160,976 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\System32\SMTPX.DLL
[2010/08/14 18:45:00 | 000,156,880 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\System32\MIMEX.DLL
[2010/08/14 18:45:00 | 000,152,592 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\System32\ENCODEX.DLL
[2010/08/14 18:45:00 | 000,099,352 | ---- | C] (Mabry Software, Inc.) -- C:\Windows\System32\MABRYOBJ.DLL
[2010/08/14 16:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/08/14 00:08:24 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Allstate
[2010/08/14 00:03:52 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\Eclipse
[2010/08/14 00:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Allstate
[2010/08/14 00:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Allstate
[2010/08/12 21:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2010/08/12 19:20:11 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\ApplicationHistory
[2010/08/12 19:14:21 | 000,061,440 | ---- | C] (Blue Sky Software Corporation) -- C:\Windows\System32\RHGBTN32.dll
[2010/08/12 19:14:20 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll
[2010/08/12 19:14:19 | 000,183,808 | ---- | C] (Blue Sky Software Corporation) -- C:\Windows\System32\Csh.dll
[2010/08/12 19:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Insurance Technologies
[2010/08/12 19:14:14 | 001,412,096 | ---- | C] (Sybase, Visual Components) -- C:\Windows\System32\Vcfi5.ocx
[2010/08/12 19:14:14 | 000,441,856 | ---- | C] (Sybase, Visual Components) -- C:\Windows\System32\Vcfiwz5.dll
[2010/08/12 19:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Datadynamics
[2010/08/12 19:14:13 | 001,400,832 | ---- | C] (Tidestone Technologies, Inc.) -- C:\Windows\System32\TTFI6.ocx
[2010/08/12 19:14:13 | 000,331,032 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\Threed20.Ocx
[2010/08/12 19:14:13 | 000,168,720 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\sssplt30.Ocx
[2010/08/12 19:14:13 | 000,163,096 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\splitter.Ocx
[2010/08/12 19:14:12 | 000,558,136 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\SSDW3A32.Ocx
[2010/08/12 19:14:12 | 000,072,240 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\SSPRN32.DLL
[2010/08/12 19:14:12 | 000,071,736 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\SSMEDT32.DLL
[2010/08/12 19:14:11 | 000,849,976 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\System32\SSDW3B32.Ocx
[2010/08/12 19:14:08 | 004,739,135 | ---- | C] (Nevron LLC) -- C:\Windows\System32\3DChartM.ocx
[2010/08/12 19:14:07 | 000,086,528 | ---- | C] (I.C.E.S.) -- C:\Windows\System32\JCScroll.Ocx
[2010/08/12 19:14:06 | 001,050,024 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\System32\FpSpr30.ocx
[2010/08/12 19:14:05 | 001,013,144 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\System32\Spr32x30.ocx
[2010/08/12 19:14:04 | 000,452,344 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\System32\Flp32x20.ocx
[2010/08/12 19:14:04 | 000,340,480 | ---- | C] (Data Dynamics) -- C:\Windows\System32\ActBar.Ocx
[2010/08/12 19:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\ForeSight
[2010/08/12 19:08:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/08/12 13:54:01 | 000,000,000 | RHSD | C] -- C:\RECYCLER
[2010/08/11 16:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010/08/11 06:14:42 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\EPSON
[2010/08/09 17:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010/08/09 16:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2010/08/08 04:33:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/04 17:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\Blue Cross Agent Assistant
[2010/08/02 14:41:00 | 000,000,000 | ---D | C] -- C:\INSMARK
[2010/08/01 21:24:01 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\National_Life_Group
[2010/08/01 21:11:51 | 000,627,200 | ---- | C] (Two Pilots, Inc) -- C:\Windows\System32\PDFCreatorPilot2.DLL
[2010/08/01 21:11:50 | 003,536,856 | ---- | C] (Two Pilots) -- C:\Windows\System32\PDFCreatorPilot.dll
[2010/08/01 21:11:49 | 000,063,488 | ---- | C] (MicroHelp, Inc.) -- C:\Windows\System32\GAUGE32.OCX
[2010/08/01 21:11:48 | 000,197,120 | ---- | C] (WexTech Systems, Inc.) -- C:\Windows\System32\D2HLNK32.DLL
[2010/08/01 21:11:48 | 000,136,192 | ---- | C] (MicroHelp Inc.) -- C:\Windows\System32\MHLIST32.OCX
[2010/08/01 21:11:48 | 000,113,152 | ---- | C] (WexTech Systems, Inc.) -- C:\Windows\System32\D2HNAV32.EXE
[2010/08/01 21:11:48 | 000,089,088 | ---- | C] (MicroHelp Inc.) -- C:\Windows\System32\MHMINP32.OCX
[2010/08/01 21:11:48 | 000,034,816 | ---- | C] (MicroHelp Inc.) -- C:\Windows\System32\MHRUN32.DLL
[2010/08/01 21:09:01 | 000,000,000 | ---D | C] -- C:\ICS
[2010/07/24 16:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Calculator Plus
[2010/07/19 20:52:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/07/19 20:52:15 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\MOSS
[2010/07/18 01:56:24 | 008,678,552 | ---- | C] (NetLibrary ) -- C:\Users\Kim\Documents\MediaCenter.exe
[2010/07/16 23:47:09 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Apple Computer
[2010/07/16 23:47:09 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Apple Computer
[2010/07/16 23:46:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/07/16 23:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/16 23:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/07/16 23:42:37 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Apple
[2010/07/16 23:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/07/14 15:53:03 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\NetLibrary
[2010/07/14 15:52:58 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\DownloadManager
[2010/07/09 22:42:28 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\My imm Media
[2010/07/09 22:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ingram Media Manager
[2010/07/04 20:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2010/07/04 18:54:22 | 398,698,564 | ---- | C] (Broderbund Software ) -- C:\Users\Kim\Documents\mavis beacon.exe
[2010/07/04 16:59:04 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\TypingMaster7
[2010/07/04 16:58:48 | 000,000,000 | R--D | C] -- C:\Program Files\TypingMaster
[2010/06/19 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\WinRAR
[2010/06/19 10:07:58 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\vlc
[2010/06/19 10:03:32 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\Graboid
[2010/06/19 09:44:08 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Graboid_Inc
[2010/06/19 09:44:08 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Graboid
[2010/06/19 09:44:05 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\MozillaControl
[2010/06/19 09:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2009/10/20 17:59:04 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoin.dll
[1998/12/09 02:53:54 | 000,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998/12/09 02:53:54 | 000,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998/12/09 02:53:54 | 000,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998/12/09 02:53:54 | 000,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998/12/09 02:53:54 | 000,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998/12/09 02:53:54 | 000,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[1 C:\Users\Kim\Documents\*.tmp files -> C:\Users\Kim\Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/13 10:11:12 | 002,621,440 | -HS- | M] () -- C:\Users\Kim\ntuser.dat
[2010/09/13 10:06:20 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
[2010/09/13 10:05:50 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C20538AE-C29C-43A1-8CC0-4F0FAE446C4B}.job
[2010/09/13 10:00:48 | 000,253,909 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/13 10:00:22 | 000,005,648 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/13 10:00:22 | 000,005,648 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/13 10:00:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/13 10:00:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/13 00:48:41 | 000,524,288 | -HS- | M] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010/09/13 00:48:41 | 000,065,536 | -HS- | M] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TM.blf
[2010/09/12 23:50:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689289883-589722038-3047934647-1000UA.job
[2010/09/12 21:56:39 | 000,253,909 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/11 01:19:25 | 003,673,673 | -H-- | M] () -- C:\Users\Kim\AppData\Local\IconCache.db
[2010/09/10 14:03:17 | 000,019,456 | ---- | M] () -- C:\Users\Kim\Documents\INSURANCE SERVICES.doc
[2010/09/10 13:50:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689289883-589722038-3047934647-1000Core.job
[2010/09/09 21:58:40 | 000,002,032 | ---- | M] () -- C:\Users\Kim\Desktop\Google Chrome.lnk
[2010/09/09 21:58:40 | 000,001,994 | ---- | M] () -- C:\Users\Kim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/08 10:10:21 | 000,006,944 | ---- | M] () -- C:\Users\Kim\AppData\Local\d3d9caps.dat
[2010/09/07 21:07:49 | 000,343,043 | ---- | M] () -- C:\Users\Kim\Documents\iZiggPoliciesAndProcedures3.pdf
[2010/09/05 17:18:53 | 000,084,480 | ---- | M] () -- C:\Users\Kim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/05 11:57:12 | 000,001,462 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\wklnhst.dat
[2010/09/05 03:54:21 | 000,093,056 | ---- | M] (GMER) -- C:\uwldqpow.sys
[2010/09/05 03:39:13 | 000,000,000 | ---- | M] () -- C:\Users\Kim\defogger_reenable
[2010/09/04 16:20:50 | 003,276,800 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/09/04 16:20:50 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/09/04 16:20:50 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/09/04 13:26:42 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2010/09/03 14:49:52 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/09/02 17:34:55 | 000,000,024 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\MyPhrases.dta
[2010/09/01 10:39:01 | 000,363,177 | ---- | M] () -- C:\Users\Kim\Documents\MM instructions.pdf
[2010/09/01 10:28:54 | 000,000,681 | ---- | M] () -- C:\Users\Kim\Documents\insurance agents fresno profiles.cvs.csv
[2010/09/01 04:52:34 | 000,002,577 | ---- | M] () -- C:\Users\Kim\Desktop\MessageMagic.lnk
[2010/09/01 04:41:04 | 000,000,133 | ---- | M] () -- C:\Users\Kim\Documents\mm test group.cvs.csv
[2010/08/31 19:38:35 | 000,000,056 | ---- | M] () -- C:\Users\Kim\Documents\insurance california.csv
[2010/08/30 22:03:06 | 000,000,552 | ---- | M] () -- C:\Users\Kim\AppData\Local\d3d8caps.dat
[2010/08/23 15:38:12 | 000,080,531 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2010/08/17 08:12:29 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKim.job
[2010/08/16 11:49:07 | 000,000,101 | ---- | M] () -- C:\Windows\applink.ini
[2010/08/16 11:49:07 | 000,000,033 | ---- | M] () -- C:\Windows\Utdsysap.ini
[2010/08/16 11:48:47 | 000,000,000 | ---- | M] () -- C:\Windows\tmp.ini
[2010/08/14 03:08:45 | 000,722,750 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/14 03:08:45 | 000,613,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/14 03:08:45 | 000,108,196 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/14 00:58:31 | 000,192,232 | ---- | M] () -- C:\Users\Kim\Documents\baldev 200000.pdf
[2010/08/14 00:31:58 | 000,011,154 | ---- | M] () -- C:\Users\Kim\Documents\Baldev250000.lgr
[2010/08/14 00:29:10 | 000,192,272 | ---- | M] () -- C:\Users\Kim\Documents\Baldev250000.lgr.pdf
[2010/08/13 22:43:32 | 000,000,669 | ---- | M] () -- C:\Windows\InsMark.INI
[2010/08/13 03:20:10 | 000,391,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 21:23:14 | 000,001,040 | ---- | M] () -- C:\Users\Kim\Desktop\Bejeweled Blitz.lnk
[2010/08/12 19:20:12 | 000,000,091 | ---- | M] () -- C:\Users\Kim\AppData\Local\fusioncache.dat
[2010/08/08 01:03:27 | 000,006,670 | -HS- | M] () -- C:\Users\Kim\Desktop\Folder.jpg
[2010/08/08 01:03:27 | 000,006,670 | -HS- | M] () -- C:\Users\Kim\Desktop\AlbumArt_{34FC0C69-86B9-406A-9E0D-AB7B1D90488A}_Large.jpg
[2010/08/08 01:03:27 | 000,002,271 | -HS- | M] () -- C:\Users\Kim\Desktop\AlbumArtSmall.jpg
[2010/08/08 01:03:27 | 000,002,271 | -HS- | M] () -- C:\Users\Kim\Desktop\AlbumArt_{34FC0C69-86B9-406A-9E0D-AB7B1D90488A}_Small.jpg
[2010/08/07 22:10:49 | 000,001,633 | ---- | M] () -- C:\Users\Kim\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/06 12:24:14 | 000,019,456 | ---- | M] () -- C:\Users\Kim\Documents\Your Postcard Template.doc
[2010/08/04 18:12:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/08/04 18:12:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/08/01 21:12:27 | 000,000,600 | ---- | M] () -- C:\Windows\ODBC.INI
[2010/08/01 21:12:24 | 000,000,805 | ---- | M] () -- C:\Windows\Ics.ini
[2010/08/01 21:12:24 | 000,000,573 | ---- | M] () -- C:\Windows\LEDGER.INI
[2010/07/29 23:19:36 | 000,524,288 | -HS- | M] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TMContainer00000000000000000002.regtrans-ms
[2010/07/22 14:35:04 | 000,524,288 | -HS- | M] () -- C:\Users\Kim\ntuser.dat{35df2a63-f82d-11de-ba25-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010/07/22 14:35:04 | 000,065,536 | -HS- | M] () -- C:\Users\Kim\ntuser.dat{35df2a63-f82d-11de-ba25-000000000000}.TM.blf
[2010/07/22 06:50:21 | 000,006,381 | -HS- | M] () -- C:\Users\Kim\Documents\Folder.jpg
[2010/07/22 06:50:21 | 000,002,024 | -HS- | M] () -- C:\Users\Kim\Documents\AlbumArtSmall.jpg
[2010/07/19 21:39:25 | 000,103,752 | ---- | M] () -- C:\Users\Kim\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 20:51:02 | 000,029,184 | ---- | M] () -- C:\Users\Kim\Documents\Abbreviations I through L.doc
[2010/07/18 11:34:12 | 000,053,314 | ---- | M] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/07/18 01:58:04 | 008,678,552 | ---- | M] (NetLibrary ) -- C:\Users\Kim\Documents\MediaCenter.exe
[2010/07/15 23:42:28 | 000,026,624 | ---- | M] () -- C:\Users\Kim\Documents\Resume_RICKIM001_KimRichardson.doc
[2010/07/15 23:42:27 | 000,000,162 | -H-- | M] () -- C:\Users\Kim\Documents\~$sume_RICKIM001_KimRichardson.doc
[2010/07/15 23:41:13 | 000,012,340 | ---- | M] () -- C:\Users\Kim\Documents\Resume_RICKIM001_KimRichardson.rtf
[2010/07/15 23:29:10 | 000,020,992 | ---- | M] () -- C:\Users\Kim\Documents\qualifications for emr.doc
[2010/07/07 14:01:22 | 000,017,542 | ---- | M] () -- C:\Windows\FRGN.ico
[2010/07/05 13:26:51 | 000,228,787 | ---- | M] () -- C:\Users\Kim\Documents\skin structures1.jpg
[2010/07/05 13:24:33 | 000,003,687 | ---- | M] () -- C:\Users\Kim\Documents\skin structures.jpg
[2010/07/04 19:20:34 | 398,698,564 | ---- | M] (Broderbund Software ) -- C:\Users\Kim\Documents\mavis beacon.exe
[2010/06/24 16:58:18 | 000,072,080 | ---- | M] () -- C:\Users\Kim\g2mdlhlpx.exe
[2010/06/19 16:41:21 | 000,226,385 | ---- | M] () -- C:\Users\Kim\Documents\Confie Articles 3.08.pdf
[2010/06/19 11:43:37 | 000,032,256 | ---- | M] () -- C:\Users\Kim\Documents\Y0007_ENR133_2_Ex_32___Notice_for_Loss_of_Special_Needs_Status_Exclusive_SNP_Revised_11 (2).doc
[2010/06/19 09:41:13 | 031,261,760 | ---- | M] () -- C:\Users\Kim\Documents\GraboidVideoSetup-1.73-complete.exe
[2010/06/18 03:15:21 | 005,396,992 | ---- | M] () -- C:\Users\Kim\Documents\FFS_FinancialCalculators.ppt
[2010/06/18 02:40:57 | 000,887,808 | ---- | M] () -- C:\Users\Kim\Documents\EIUL_AccountsThatGoUpNeveGoDownSaveTaxOnTheHarvest.ppt
[2010/06/18 01:19:44 | 000,073,323 | ---- | M] () -- C:\Users\Kim\Documents\Health Net of California Receives Regional Medi-Cal Contract _ Business Wire.htm
[2010/06/18 01:19:21 | 000,037,008 | ---- | M] () -- C:\Users\Kim\Documents\hnt_health-net-of-california-receives-regional-medi-cal-contract-940561.html
[2010/06/18 00:38:01 | 000,041,984 | ---- | M] () -- C:\Users\Kim\Documents\Reminder to all Medi (4).doc
[1 C:\Users\Kim\Documents\*.tmp files -> C:\Users\Kim\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/10 14:03:16 | 000,019,456 | ---- | C] () -- C:\Users\Kim\Documents\INSURANCE SERVICES.doc
[2010/09/07 21:07:49 | 000,343,043 | ---- | C] () -- C:\Users\Kim\Documents\iZiggPoliciesAndProcedures3.pdf
[2010/09/05 21:13:01 | 000,002,032 | ---- | C] () -- C:\Users\Kim\Desktop\Google Chrome.lnk
[2010/09/05 14:02:26 | 000,001,994 | ---- | C] () -- C:\Users\Kim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/05 13:45:13 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689289883-589722038-3047934647-1000UA.job
[2010/09/05 13:45:12 | 000,000,848 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689289883-589722038-3047934647-1000Core.job
[2010/09/05 03:39:13 | 000,000,000 | ---- | C] () -- C:\Users\Kim\defogger_reenable
[2010/09/04 16:20:17 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/09/04 16:20:17 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/09/04 16:20:16 | 003,276,800 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/09/04 13:26:43 | 000,017,542 | ---- | C] () -- C:\Windows\FRGN.ico
[2010/09/04 13:26:42 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010/09/02 11:36:56 | 000,000,024 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\MyPhrases.dta
[2010/09/01 22:55:46 | 000,001,040 | ---- | C] () -- C:\Users\Kim\Desktop\Bejeweled Blitz.lnk
[2010/09/01 10:39:01 | 000,363,177 | ---- | C] () -- C:\Users\Kim\Documents\MM instructions.pdf
[2010/09/01 10:25:40 | 000,000,681 | ---- | C] () -- C:\Users\Kim\Documents\insurance agents fresno profiles.cvs.csv
[2010/09/01 04:40:58 | 000,000,133 | ---- | C] () -- C:\Users\Kim\Documents\mm test group.cvs.csv
[2010/08/31 21:25:42 | 000,002,577 | ---- | C] () -- C:\Users\Kim\Desktop\MessageMagic.lnk
[2010/08/31 19:38:35 | 000,000,056 | ---- | C] () -- C:\Users\Kim\Documents\insurance california.csv
[2010/08/30 22:03:06 | 000,000,552 | ---- | C] () -- C:\Users\Kim\AppData\Local\d3d8caps.dat
[2010/08/23 15:38:36 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2010/08/23 15:38:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2010/08/23 15:38:15 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2010/08/23 15:38:15 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2010/08/23 15:25:25 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdnrwrd.ini
[2010/08/23 15:24:10 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll
[2010/08/23 15:24:01 | 000,080,531 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2010/08/23 15:24:01 | 000,001,633 | ---- | C] () -- C:\Windows\System32\lxdn.loc
[2010/08/16 11:49:07 | 000,000,101 | ---- | C] () -- C:\Windows\applink.ini
[2010/08/16 11:49:07 | 000,000,033 | ---- | C] () -- C:\Windows\Utdsysap.ini
[2010/08/16 11:48:47 | 000,000,000 | ---- | C] () -- C:\Windows\tmp.ini
[2010/08/14 00:29:10 | 000,192,272 | ---- | C] () -- C:\Users\Kim\Documents\Baldev250000.lgr.pdf
[2010/08/14 00:25:49 | 000,192,232 | ---- | C] () -- C:\Users\Kim\Documents\baldev 200000.pdf
[2010/08/14 00:23:06 | 000,011,154 | ---- | C] () -- C:\Users\Kim\Documents\Baldev250000.lgr
[2010/08/12 19:28:01 | 000,000,766 | ---- | C] () -- C:\Windows\System32\ALICON.ico
[2010/08/12 19:20:12 | 000,000,091 | ---- | C] () -- C:\Users\Kim\AppData\Local\fusioncache.dat
[2010/08/08 01:03:27 | 000,006,670 | -HS- | C] () -- C:\Users\Kim\Desktop\AlbumArt_{34FC0C69-86B9-406A-9E0D-AB7B1D90488A}_Large.jpg
[2010/08/08 01:03:27 | 000,002,271 | -HS- | C] () -- C:\Users\Kim\Desktop\AlbumArt_{34FC0C69-86B9-406A-9E0D-AB7B1D90488A}_Small.jpg
[2010/08/06 12:24:14 | 000,019,456 | ---- | C] () -- C:\Users\Kim\Documents\Your Postcard Template.doc
[2010/08/04 18:12:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/08/04 18:12:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/08/04 18:04:39 | 000,006,670 | -HS- | C] () -- C:\Users\Kim\Desktop\Folder.jpg
[2010/08/04 18:04:39 | 000,002,271 | -HS- | C] () -- C:\Users\Kim\Desktop\AlbumArtSmall.jpg
[2010/08/02 14:41:00 | 000,000,669 | ---- | C] () -- C:\Windows\InsMark.INI
[2010/08/01 21:11:49 | 000,027,224 | ---- | C] () -- C:\Windows\System32\VBEXT32.OLB
[2010/08/01 21:11:48 | 000,073,184 | ---- | C] () -- C:\Windows\System32\DAO2535.TLB
[2010/08/01 21:11:48 | 000,030,720 | ---- | C] () -- C:\Windows\System32\REGTLIB.EXE
[2010/08/01 21:11:03 | 000,000,805 | ---- | C] () -- C:\Windows\Ics.ini
[2010/08/01 21:11:03 | 000,000,573 | ---- | C] () -- C:\Windows\LEDGER.INI
[2010/08/01 21:11:02 | 000,001,277 | ---- | C] () -- C:\Windows\ICS.REG
[2010/07/29 22:29:18 | 000,524,288 | -HS- | C] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TMContainer00000000000000000002.regtrans-ms
[2010/07/29 22:29:18 | 000,524,288 | -HS- | C] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TMContainer00000000000000000001.regtrans-ms
[2010/07/29 22:29:18 | 000,065,536 | -HS- | C] () -- C:\Users\Kim\ntuser.dat{4a0ae4c1-9b9b-11df-8f1a-000000000000}.TM.blf
[2010/07/19 20:51:02 | 000,029,184 | ---- | C] () -- C:\Users\Kim\Documents\Abbreviations I through L.doc
[2010/07/15 23:42:27 | 000,000,162 | -H-- | C] () -- C:\Users\Kim\Documents\~$sume_RICKIM001_KimRichardson.doc
[2010/07/15 23:41:12 | 000,012,340 | ---- | C] () -- C:\Users\Kim\Documents\Resume_RICKIM001_KimRichardson.rtf
[2010/07/15 23:40:38 | 000,026,624 | ---- | C] () -- C:\Users\Kim\Documents\Resume_RICKIM001_KimRichardson.doc
[2010/07/15 23:27:03 | 000,020,992 | ---- | C] () -- C:\Users\Kim\Documents\qualifications for emr.doc
[2010/07/14 01:44:34 | 000,006,381 | -HS- | C] () -- C:\Users\Kim\Documents\Folder.jpg
[2010/07/14 01:44:34 | 000,002,024 | -HS- | C] () -- C:\Users\Kim\Documents\AlbumArtSmall.jpg
[2010/07/05 13:26:50 | 000,228,787 | ---- | C] () -- C:\Users\Kim\Documents\skin structures1.jpg
[2010/07/05 13:24:30 | 000,003,687 | ---- | C] () -- C:\Users\Kim\Documents\skin structures.jpg
[2010/06/24 16:58:17 | 000,072,080 | ---- | C] () -- C:\Users\Kim\g2mdlhlpx.exe
[2010/06/19 16:41:19 | 000,226,385 | ---- | C] () -- C:\Users\Kim\Documents\Confie Articles 3.08.pdf
[2010/06/19 11:43:36 | 000,032,256 | ---- | C] () -- C:\Users\Kim\Documents\Y0007_ENR133_2_Ex_32___Notice_for_Loss_of_Special_Needs_Status_Exclusive_SNP_Revised_11 (2).doc
[2010/06/19 09:39:33 | 031,261,760 | ---- | C] () -- C:\Users\Kim\Documents\GraboidVideoSetup-1.73-complete.exe
[2010/06/18 03:15:05 | 005,396,992 | ---- | C] () -- C:\Users\Kim\Documents\FFS_FinancialCalculators.ppt
[2010/06/18 02:40:56 | 000,887,808 | ---- | C] () -- C:\Users\Kim\Documents\EIUL_AccountsThatGoUpNeveGoDownSaveTaxOnTheHarvest.ppt
[2010/06/18 01:19:43 | 000,073,323 | ---- | C] () -- C:\Users\Kim\Documents\Health Net of California Receives Regional Medi-Cal Contract _ Business Wire.htm
[2010/06/18 01:19:19 | 000,037,008 | ---- | C] () -- C:\Users\Kim\Documents\hnt_health-net-of-california-receives-regional-medi-cal-contract-940561.html
[2010/06/18 00:37:57 | 000,041,984 | ---- | C] () -- C:\Users\Kim\Documents\Reminder to all Medi (4).doc
[2010/06/07 21:26:06 | 000,000,063 | ---- | C] () -- C:\Windows\mdm.ini
[2010/06/07 21:26:01 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI
[2010/06/07 19:18:48 | 000,000,600 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/04/11 03:15:26 | 000,000,000 | ---- | C] () -- C:\Users\Kim\AppData\Local\FnF4.txt
[2010/04/09 12:02:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/30 21:31:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/12/27 20:01:17 | 000,084,480 | ---- | C] () -- C:\Users\Kim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/16 19:54:57 | 000,001,462 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\wklnhst.dat
[2009/12/14 21:30:34 | 000,253,909 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/12/14 21:29:42 | 000,253,909 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/12/14 20:59:03 | 000,006,944 | ---- | C] () -- C:\Users\Kim\AppData\Local\d3d9caps.dat
[2009/12/14 19:40:48 | 000,000,000 | ---- | C] () -- C:\Users\Kim\AppData\Local\QSwitch.txt
[2009/12/14 19:40:48 | 000,000,000 | ---- | C] () -- C:\Users\Kim\AppData\Local\DSwitch.txt
[2009/12/14 19:40:48 | 000,000,000 | ---- | C] () -- C:\Users\Kim\AppData\Local\AtStart.txt
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2009/07/23 19:49:04 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdndrs.dll
[2009/07/14 09:02:58 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll
[2009/05/14 13:46:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdncaps.dll
[2008/03/31 19:47:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdnvs.dll
[2008/02/05 15:00:57 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/12/05 21:51:03 | 000,000,732 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/10/02 14:51:10 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdncnv4.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 15:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1999/01/22 18:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/07/28 00:21:04 | 000,000,000 | -HSD | M] -- C:\Users\Kim\AppData\Roaming\.#
[2010/01/08 22:05:21 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\AnvSoft
[2010/09/05 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Azureus
[2010/04/27 16:25:51 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/11 06:14:42 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\EPSON
[2010/05/22 00:32:20 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\GetRightToGo
[2010/01/12 20:46:52 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\IDM
[2010/08/23 15:47:39 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Lexmark Productivity Studio
[2010/08/31 12:11:52 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Message Magic
[2010/03/01 15:45:18 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\mjusbsp
[2010/01/04 21:18:00 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\MSNInstaller
[2010/09/03 23:49:36 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\NBC Direct
[2010/05/08 13:40:14 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PopCapv1001
[2010/05/07 21:36:17 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PopCapv1002
[2010/05/15 23:34:57 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PopCapv1003
[2010/07/11 18:14:03 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PopCapv1004
[2009/12/18 09:28:27 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Template
[2010/03/18 21:23:05 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Tether
[2010/07/29 23:05:56 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\TypingMaster7
[2010/09/04 15:58:37 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Uniblue
[2009/12/14 19:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\WildTangent
[2010/08/16 11:50:12 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\WinFlex 6
[2010/09/13 00:48:26 | 000,032,610 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/09/13 10:05:50 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C20538AE-C29C-43A1-8CC0-4F0FAE446C4B}.job

========== Purity Check ==========


< End of report >


OTL Extras logfile created on: 9/13/2010 10:07:32 AM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\Kim\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.12 Gb Total Space | 17.60 Gb Free Space | 12.84% Space Free | Partition Type: NTFS
Drive D: | 11.93 Gb Total Space | 1.50 Gb Free Space | 12.55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 7.45 Gb Total Space | 4.47 Gb Free Space | 59.96% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIM-PC
Current User Name: Kim
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{321C6AC3-EAB5-408A-B80F-BFF014C7C93E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3550B7ED-7E4D-473C-893B-45505819B02C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88579198-3D6A-4C1A-BB85-B78627265654}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9E307430-247F-40DD-87A5-33B843CC1D22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3A0207E-203D-42EF-86DE-D01F0046FF39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB971ECC-CD39-4CBF-B2CC-6F821FDAF73B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC3B70A6-8B2D-4324-9BF2-133778F1CADE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F5D16F76-2485-4737-ACD7-F30D05BBC616}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F9711BA7-CCF5-4AF6-A88D-CAD54A33EF3C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061E8CEC-2218-424C-9A79-44CFC4B2E00C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{104BD9C2-690A-4665-BF12-090AF0A43817}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10673E78-DE11-444C-8EA1-673684109ABE}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{12C16C70-8545-45AC-A53C-604380AD3FC1}" = protocol=17 | dir=in | app=c:\program files\nbc direct\directplayercore.exe |
"{13BB89B9-0D57-4804-B567-0DC13FEC08C5}" = protocol=6 | dir=in | app=c:\program files\nbc direct\directplayercore.exe |
"{18B84FA1-3286-445A-8E75-F9B2E3AF572A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EC2FCB2-A27D-4445-8D95-F91DE1991C7A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{25CB3231-71F7-4440-846B-32FB156E13C4}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{27776397-E073-48CF-B9A8-7F53D9FA2A83}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{3184ABFE-C13F-438C-9A33-B1C84BCA7744}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{34A7CAF0-8C62-4C29-9D49-948905FE1492}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{3D5C51EC-934A-49E6-BA46-CAFFD1912B9D}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{404ECC7F-60AB-4310-977E-AA5D838AE17F}" = protocol=17 | dir=in | app=c:\program files\nbc direct\directplayercore.exe |
"{43CF705E-C349-4EF9-99B9-7ACB628736F9}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{4544759E-CE81-4F64-A9BA-BF7200F4495E}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{46058D6B-2121-4AE6-8BD5-E6A6A9BB8A92}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{46D1C124-2508-49DF-A2CB-DD3B4A4193E2}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |
"{4F84E566-E8EC-4E10-A9E3-214DEAA67370}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5F1BB71C-2B26-404D-8B05-C6D02D21555E}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6D3731A5-99BC-4419-9E37-18992AADA279}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6EBD0D70-A11E-472F-839A-C080A4D5CA74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72D3C1A4-1A95-40AB-A238-7DD093A1AD12}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7420EF88-8F87-405A-B34C-515DCCE60389}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |
"{76475D00-625A-4F8E-83F2-B5E468030371}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CFF7201-13BA-4AEB-9D00-07513A002E8F}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{7F9598C9-3C3F-4C63-99E1-5C6D9549CB30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{818760A0-B987-4FD8-9060-0401ED4AAC4A}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnamon.exe |
"{917BD2FC-35A6-4CEB-AD6C-2B4F33794B55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96E2A885-EA7F-48ED-8D57-84D7A1A5C027}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{9B22924B-C76E-4D1F-9509-C7228B4666A1}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A2B81A71-49EC-4C2C-B930-11C31640ACEC}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{A802DC69-CBDC-42D3-8A90-7249A72232E0}" = protocol=6 | dir=in | app=c:\program files\nbc direct\directplayercore.exe |
"{B3CFC541-5E5B-4858-81CE-E68FDD2D6A2E}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{B53655B4-6403-4A16-BB77-041FD462C49C}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{C0DE9CEE-92C3-4CD6-A46F-D8D28E06FDEF}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{C114B00D-484A-4244-87AD-09A0E15EDB0E}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C29F1DA2-AD75-4FA9-83AF-EF6A078D76D4}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{C322BC95-4F09-4CD4-98EC-92AA180859D7}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{C39A22B2-E0B2-4C3D-BDEA-A33560BAAA67}" = protocol=6 | dir=out | app=system |
"{C485A96F-A8B8-4909-8ACD-72674FB3B5AF}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{CF6BAC2C-A845-4D99-8FE8-4D5C94199E2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D609A5AB-F58C-4BBC-A85F-4EB59B62FD44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9778C69-A22E-4913-88F7-3CEFDAECC583}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DA2B555F-5571-4F50-BC03-83346A879C23}" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\frun.exe |
"{E1C6F0CE-BFBF-459F-ABD6-DD0FE0988A12}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{E36F5DF3-D0A7-4DBE-AA43-17EB2BB804C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E8772035-3BE3-4BB7-8E73-C87A22362130}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{ED334913-FF8D-46A9-A247-1F5138B0FC25}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{F0EAA567-40F1-4BEE-8F9C-1DD3BABC06B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F8BE6E99-E972-4800-8AA5-5C69D4E25984}" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"{F9B2748B-1A27-40F8-A29E-BDAE9ADF2C78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{273031F6-1F9B-4658-A8B9-7E222BF230EA}C:\program files\lexmark 2600 series\lxdnmon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"TCP Query User{3DC38A8A-58CE-4DB4-9230-8EBEC3A6D1C5}C:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"TCP Query User{3FE3EDC5-0116-41AE-9B4D-E4ABCC447594}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{45B767EC-012E-4017-80FD-510CAEBA43C0}C:\users\kim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\kim\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{703772D4-8230-4A07-9B21-3C1364D5D7AF}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{BB5DBF7B-569D-4734-AA60-5B63CC709D06}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{BC59CBB5-B9E6-47C4-9C20-E820E8A4426E}C:\fiserv life portraits\fipwebserver.exe" = protocol=6 | dir=in | app=c:\fiserv life portraits\fipwebserver.exe |
"TCP Query User{DD1829B1-B83B-4A60-9437-11E638E21370}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{EAC3C41E-14A3-454B-9219-C8EB4A158AB2}C:\program files\cobian backup 10\cbmanager.exe" = protocol=6 | dir=in | app=c:\program files\cobian backup 10\cbmanager.exe |
"UDP Query User{0D82CE3C-979F-459A-9D10-DCF46A843923}C:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe |
"UDP Query User{270A39BD-1E1A-4AEB-80F5-45B121A6E542}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{65D57317-08A6-45C4-BF3B-4480E601F9E0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A4B44B78-FED9-4547-8725-1ACBCCF0DC46}C:\fiserv life portraits\fipwebserver.exe" = protocol=17 | dir=in | app=c:\fiserv life portraits\fipwebserver.exe |
"UDP Query User{BD2472B5-75F0-47B8-B9E4-EA42FF583B5B}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{C9B6FBD9-1942-40F7-80EA-3D36059494A6}C:\users\kim\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\kim\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{E806EBCF-A5EE-4186-BB71-6F426DC7D574}C:\program files\lexmark 2600 series\lxdnmon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2600 series\lxdnmon.exe |
"UDP Query User{FB3741C3-F101-4D05-850F-709E2FA1A301}C:\program files\cobian backup 10\cbmanager.exe" = protocol=17 | dir=in | app=c:\program files\cobian backup 10\cbmanager.exe |
"UDP Query User{FBAD7553-F35A-43A8-9256-705B6D6A1355}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{05786477-F7BB-4038-98E9-61C888A458D7}" = LPES Desktop - ANICO
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0EB9D057-5811-45A1-A2A1-E141AE62FAAB}" = LPES Desktop - ASR
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1707FF35-300D-4C78-A94A-2E3D515F6DB3}" = Ingram Media Manager
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{32EDDF2B-95A1-4FAB-BF90-5FD33B5EAB56}" = MessageMagic
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{45FEE772-AAD2-4d52-BA21-63E484D75984}" = NetLibrary Media Center
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{68471BF2-F1F7-4C89-BBBA-400B94996596}" = ESU for Microsoft Vista
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{83073C45-3003-4671-9A86-243AAADD915A}" = Microsoft Calculator Plus
"{83E222CC-223F-BE8C-0C77-0CEBDC2F9B57}" = Acrobat.com
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E592B66-DCDF-4774-A27D-DF62A772C0B9}" = IC Solutions
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B0F65259-3441-401F-B399-4779FF18A5C7}" = Eclipse Illustration Software
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{cce405d3-1e1e-4902-a3e2-1ddc405d3b1d}" = NetLibrary Download Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF1098C3-84F7-11D5-9091-0006290FF49C}" = Encoder Pro v5.4.1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E5EAB38C-D6CE-4B83-85A3-D006D9832292}" = MOSS v2.0
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EDB3D9C2-BACB-4757-B7F5-DB43418F3BA2}" = The Anthem Blue Cross Agent Assistant
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F46BF5EA-0B4E-4A41-8C4B-3B127346E30F}" = NBC Direct
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"American National" = American National
"Bejeweled Blitz" = Bejeweled Blitz
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CobBackup10" = Cobian Backup 10
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ED57C8AF228DC78DCAFE1DD2C6E7D1A37B2A6A89" = Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002)
"EPSON Scanner" = EPSON Scan
"EPSON Stylus NX400 Series" = EPSON Stylus NX400 Series Printer Uninstall
"ForeSight" = ForeSight
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"IIS 15.1" = IIS 15.1
"ING Presents" = ING Presents
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Medical Terminology for Health Professions_is1" = Medical Terminology for Health Professions
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"PdaNet_is1" = PdaNet for Windows Mobile 2.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"the InsMark Datafile Update" = the InsMark Datafile Update
"VLC media player" = VLC media player 1.0.1
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"Wealth Preservation Video" = Wealth Preservation Video
"WildTangent hp Master Uninstall" = HP Games
"WT078815" = Jewel Quest Mysteries 2 Trail of the Midnight Heart

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2689289883-589722038-3047934647-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
"idm_flash" = IDM Flash 4.4.0.468
"NBC Direct" = NBC Direct

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8C405000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 7610368 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 177.13 )
0x81E33000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81E33000 PnpManager 3903488 bytes
0x81E33000 RAW 3903488 bytes
0x81E33000 WMIxWDM 3903488 bytes
0x94E00000 Win32k 2109440 bytes
0x94E00000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x87A0A000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x8760E000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8D005000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1060864 bytes (Conexant Systems, Inc., HSF_DP driver)
0x8C208000 C:\Windows\system32\DRIVERS\nvmfdx32.sys 1052672 bytes (NVIDIA Corporation, NVIDIA MCP Networking Function Driver.)
0x87804000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x80464000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0x9BE00000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8C309000 C:\Windows\system32\DRIVERS\athr.sys 757760 bytes (Atheros Communications, Inc., Atheros Extensible Wireless LAN device driver)
0x8D108000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x8D315000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8CB47000 C:\Windows\System32\drivers\dxgkrnl.sys 659456 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8C00B000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80544000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x80782000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x9A232000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8C0F3000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0x9A3A2000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x806AB000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8CF91000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80602000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80423000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8C1A1000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8CED2000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 253952 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x8794C000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8D20F000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x87744000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x9A32A000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x87B22000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8CE0A000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x81E00000 ACPI_HAL 208896 bytes
0x81E00000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x80740000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x805CD000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8CE50000 C:\Windows\system32\drivers\CHDART.sys 196608 bytes (Conexant Systems Inc., High Definition Audio Function Driver)
0x8C172000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8C144000 C:\Windows\system32\DRIVERS\SynTP.sys 188416 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0x8CE80000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x87719000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x877B1000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x8D3D5000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x9A20A000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x87B72000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x80659000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x9A37B000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8CEAD000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8D1BD000 C:\Windows\system32\DRIVERS\MpFilter.sys 143360 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0x879B1000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x87BAA000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x9A2EA000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x8D283000 C:\Windows\System32\Drivers\usbvideo.sys 135168 bytes (Microsoft Corporation, USB Video Class Driver)
0x8CF1C000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x9A30B000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x80722000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x9A29F000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x878EE000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8D2F2000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x8C0B6000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0x9A2BC000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x87999000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x9A363000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8D255000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8C1E2000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x8D26C000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x9BF3F000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x8CFD9000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x8CF67000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x9A2D5000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8777F000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8D2A4000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0x9BEF4000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
0x879E3000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8C0DF000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x8CF7D000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8C3C2000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x87BD4000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x877E8000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x9BF09000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x87B99000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x8CE3F000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8040A000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x9BF1B000 C:\Program Files\Free Ride Games\X4HSEx.Sys 69632 bytes (Exent Technologies Ltd., X4HSEx Kernel Mode Driver)
0x87909000 C:\Windows\system32\DRIVERS\amdk8.sys 65536 bytes (Microsoft Corporation, Processor Device Driver)
0x80772000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8791F000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x8D3C5000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8070A000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8C098000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x877A1000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8D2E3000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x87B63000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x80680000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x879D4000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8C0D0000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x8798A000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8069C000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8C0A8000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x95040000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8CFEF000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8CF50000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x806FC000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8D2B9000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x87794000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x877DB000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x805C0000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x9BEE8000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8CF10000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8CBE8000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8D2C6000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x8C3D5000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8C3E0000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8CF45000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8C000000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8C3EB000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x87BF4000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x80692000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x8D2D9000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8C3F6000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8D200000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8D24B000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x9BEDE000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x87942000 C:\Windows\system32\DRIVERS\usbohci.sys 40960 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0x9A3F0000 C:\Windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0x87BCB000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8D1E0000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x879F7000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x9BF34000 C:\Windows\system32\DRIVERS\MpNWMon.sys 36864 bytes (Microsoft Corporation, Network monitor driver)
0x9BF55000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x8CF5E000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x95020000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x87A00000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x87936000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x80648000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8071A000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8041B000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8D2D1000 C:\Windows\System32\Drivers\dump_atapi.sys 32768 bytes
0x80651000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8D1F7000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8CF3D000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x87B5B000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x87B1A000 C:\Windows\system32\drivers\wd.sys 32768 bytes (Microsoft Corporation, Microsoft Watchdog Timer Driver)
0x9BF2C000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x8D1F0000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x8792F000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x80403000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x8D1E9000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x806F5000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x8CBF4000 C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 20480 bytes (Hewlett-Packard Development Company, L.P., HpqKbFiltr Keyboard Filter Driver)
0x87919000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x9A3F9000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x8068F000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x8793F000 C:\Windows\system32\DRIVERS\nvsmu.sys 12288 bytes (NVIDIA Corporation, NVIDIA® nForce™ SMU Microcontroller Driver)
0x8CBFB000 C:\Windows\system32\DRIVERS\pnetmdm.sys 12288 bytes (June Fabrics Technology, PdaNet Driver)
0x8791D000 C:\Windows\system32\DRIVERS\HpqRemHid.sys 8192 bytes (Hewlett-Packard Development Company, L.P., HP Remote Control HID Device)
0x8CBFE000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8CBF9000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
0x007E0000 Hidden Image-->CobStringList.dll [ EPROCESS 0x870F6538 ] PID: 1752, 28672 bytes
0x00960000 Hidden Image-->HP.ActiveSupportLibrary.dll [ EPROCESS 0x8438FD90 ] PID: 3624, 94208 bytes


#4 Elise

Posted 13 September 2010 - 01:00 PM

I strongly suggest taking this computer to a repair shop as soon as possible to get it checked out for this overheating problem. I'll happily check it out for malware, but from your description, I don't think this will make a difference.

We can continue here, but by doing so you risk overtaxing your computer and thus causing irreparable damage.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

Malware analyst @ Emsisoft


#5 kdr1080

Posted 13 September 2010 - 11:39 PM

Oh, is all that I posted problems? I had sent it in to HP when it was under warranty; they sent it back and it worked for a while. But I do have a couple of people that I can take it to. Thanks, Elise. Is it possible that I also have a virus or malware?

#6 Elise

Posted 14 September 2010 - 05:42 AM

It is possible, but malware doesn't cause overheating problems.

The reason I ask you to check out the overheating problem is that this can cause very serious damage to your computer.

Once you have sorted out that problem, we can check it here further for malware problems.

regards, Elise




#7 Elise

Posted 20 September 2010 - 05:44 AM

Hi, are you still there?

regards, Elise




#8 Elise

Posted 27 September 2010 - 05:46 AM

Due to lack of feedback, this topic will now be closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise






