Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

tanevalu.dll is not a valid Windows image


  • This topic is locked This topic is locked
9 replies to this topic

#1 nfactr

nfactr

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:13 PM

Posted 30 December 2010 - 03:31 PM

Hello,

This just recently started and is going downhill quickly. It seems anytime any file is accessed, opened, or used it flashes this error message: "The application or DLL C:\WINDOWS\system32\tanevalu.dll is not a valid Windows image. Please check this against your installation diskette." To start up it pops up hundreds of them and they must all be closed prior to other programs working. It continues to do this as you work with various programs. Apart from slowing the system down it appears to just be really annoying at this point. I run AVG2011, Malware Bytes, and Spybot. Thanks in advance for any advice!!


DDS (Ver_10-12-12.02) - NTFSx86
Run by Nate Webb at 12:24:17.39 on Thu 12/30/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1979.1324 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\Program Files\B.H.A\Common\bgsvcg.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\IDrive\IDriveE Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe
C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Panasonic\WSwitch\WSwitch.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\RAMAsst.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\IDrive\IDriveETray.exe
C:\Program Files\IDrive\IDRIVEESCAN.EXE
C:\Program Files\IDrive\IDriveEBackground.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Nate Webb\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0346.1\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0346.1\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: GameBox Toolbar: {0fef2d2c-cda6-45e4-b2ed-9df7c50c95ff} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Active Desktop Calendar] c:\program files\xemicomputers\active desktop calendar\ADC.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [IDriveE Startup] "c:\program files\idrive\IDrvieEStartup.exe" Hide
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Panasonic Hotkey Manager] c:\program files\panasonic\hotkey appendix\HKEYAPP.EXE
mRun: [PCinfo] c:\program files\panasonic\pcinfo\PcInfoUt.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PRunOnce] c:\util\prunonce\PRunOnce.exe
mRun: [WSwitch] c:\program files\panasonic\wswitch\WSwitch.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0346.1\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a
mRun: [RDVCHG] "c:\program files\sprint\sprint smartview\RDVCHG.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
StartupFolder: c:\docume~1\natewe~1\startm~1\programs\startup\idrive~1.lnk - c:\program files\idrive\IDriveEReg2ini.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMAsst.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: bmnet.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://chat.bresnan.com/sdccommon/download/tgctlcm.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250554622673
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {D6B1DBD6-11CD-4D4F-A2F9-0770C893877E} = 68.28.58.92 68.28.50.91
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: tanevalu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli tanevalu.dll

============= SERVICES / DRIVERS ===============

R0 BsStor;B.H.A Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [2008-6-20 17192]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-12-29 28552]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
R2 bgsvcg;B's Recorder GOLD General Service;c:\program files\b.h.a\common\bgsvcg.exe [2008-6-17 145504]
R2 IDriveE Service;IDriveE Service;c:\program files\idrive\IDriveE Service.exe [2010-12-29 148936]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944]
R2 PcInfoPi;Panasonic PC Information Viewer Service 2;c:\program files\panasonic\pcinfo\PCInfoPi.exe [2008-6-17 54632]
R2 PcInfoSV;Panasonic PC Information Viewer;c:\program files\panasonic\pcinfo\PCInfoSV.exe [2008-6-17 189800]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-6-17 244368]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-6-17 41216]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-20 108032]
R3 NewMisc;Panasonic Misc Driver;c:\windows\system32\drivers\newmisc.sys [2008-6-17 50440]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2010-6-8 174720]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2010-10-3 13312]
R4 BsUDF;BsUDF;c:\windows\system32\drivers\BsUDF.sys [2008-6-20 195616]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-15 133104]
S3 FIDTPU;Fujitsu Touch Panel (USB);c:\windows\system32\drivers\FIDTPU.sys [2008-6-17 27030]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [2008-6-17 87424]
S3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2008-6-17 47616]

=============== Created Last 30 ================

2010-12-30 01:25:55 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-12-30 01:25:52 -------- d-----w- c:\program files\Panda Security
2010-12-27 22:36:51 20 ----a-w- c:\windows\system32\TANEVALU.DLL
2010-12-15 11:30:39 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 11:27:44 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-02 02:01:14 -------- d-----w- C:\util2

==================== Find3M ====================

2010-12-20 18:21:14 1302528 ----a-w- c:\windows\system32\IDriveEService.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 12:29:45.25 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 nfactr

nfactr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:13 PM

Posted 04 January 2011 - 04:49 PM

Any suggestions on anything to help make it go away? Thank you so much!!

#3 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 06 January 2011 - 04:06 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#4 nfactr

nfactr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:13 PM

Posted 06 January 2011 - 08:27 PM

Hello,

Thanks in advance for all of your help in this matter!! It just keeps saying over and over and over again that tanevalu.dll is not a valid windows image and to insert they system diskette. It does it hundreds of times over and over.

Thanks

DDS (Ver_10-12-12.02) - NTFSx86
Run by Nate Webb at 16:03:06.67 on Thu 01/06/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1979.820 [GMT -7:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\B.H.A\Common\bgsvcg.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe
C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IDrive\IDriveETray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Panasonic\Hotkey Appendix\HKEYAPP.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Panasonic\WSwitch\WSwitch.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\RAMAsst.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Sprint\Sprint SmartView\bmctl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Nate Webb\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0346.1\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0346.1\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: GameBox Toolbar: {0fef2d2c-cda6-45e4-b2ed-9df7c50c95ff} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Active Desktop Calendar] c:\program files\xemicomputers\active desktop calendar\ADC.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [IDriveE Startup] "c:\program files\idrive\IDrvieEStartup.exe" Hide
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Panasonic Hotkey Manager] c:\program files\panasonic\hotkey appendix\HKEYAPP.EXE
mRun: [PCinfo] c:\program files\panasonic\pcinfo\PcInfoUt.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PRunOnce] c:\util\prunonce\PRunOnce.exe
mRun: [WSwitch] c:\program files\panasonic\wswitch\WSwitch.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0346.1\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a
mRun: [RDVCHG] "c:\program files\sprint\sprint smartview\RDVCHG.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
StartupFolder: c:\docume~1\natewe~1\startm~1\programs\startup\idrive~1.lnk - c:\program files\idrive\IDriveEReg2ini.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMAsst.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: bmnet.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://chat.bresnan.com/sdccommon/download/tgctlcm.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250554622673
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: tanevalu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages = scecli tanevalu.dll

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R0 BsStor;B.H.A Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [2008-6-20 17192]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-12-29 28552]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\adobe\elements organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 bgsvcg;B's Recorder GOLD General Service;c:\program files\b.h.a\common\bgsvcg.exe [2008-6-17 145504]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944]
R2 PcInfoPi;Panasonic PC Information Viewer Service 2;c:\program files\panasonic\pcinfo\PCInfoPi.exe [2008-6-17 54632]
R2 PcInfoSV;Panasonic PC Information Viewer;c:\program files\panasonic\pcinfo\PCInfoSV.exe [2008-6-17 189800]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-6-17 244368]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-6-17 41216]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-20 108032]
R3 NewMisc;Panasonic Misc Driver;c:\windows\system32\drivers\newmisc.sys [2008-6-17 50440]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2010-6-8 174720]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2010-10-3 13312]
R4 BsUDF;BsUDF;c:\windows\system32\drivers\BsUDF.sys [2008-6-20 195616]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-11-23 6128208]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-15 133104]
S2 IDriveE Service;IDriveE Service;c:\program files\idrive\IDriveE Service.exe [2010-12-29 148936]
S3 FIDTPU;Fujitsu Touch Panel (USB);c:\windows\system32\drivers\FIDTPU.sys [2008-6-17 27030]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [2008-6-17 87424]
S3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2008-6-17 47616]

=============== Created Last 30 ================

2011-01-03 23:35:39 -------- d-----w- c:\windows\system32\drivers\AVG
2011-01-03 23:35:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-01-02 09:06:39 -------- d-----w- c:\windows\system32\NtmsData
2010-12-30 01:25:55 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-12-30 01:25:52 -------- d-----w- c:\program files\Panda Security
2010-12-27 22:36:51 20 ----a-w- c:\windows\system32\TANEVALU.DLL
2010-12-15 11:30:39 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 11:27:44 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-08 11:12:38 251728 ----a-w- c:\windows\system32\drivers\avgldx86.sys

==================== Find3M ====================

2010-12-20 18:21:14 1302528 ----a-w- c:\windows\system32\IDriveEService.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 16:06:10.06 ===============

Attached Files



#5 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 07 January 2011 - 02:45 PM

Hi,

Welcome to Bleeping Computer.

My name is Shannon and I will be working with you to remove the malware that is on your machine.

I apologize for the delay in replying to your post, but this forum is extremely busy.

Please don't make any further changes or run any other tools unless instructed to. Additional changes may hinder the cleaning of your machine.

When asked to copy logs or reports into your reply, please copy them directly into your reply. Do not include them in quotes. Do not attach them unless asked to do so. In Notepad, please turn off Word Wrap under the Format menu.

Please Track this topic - On the top right on this tread, click on the Option button, and, in the drop-down list, click on 'Track this topic'. Under Subscription Information, click on 'Immediate Email Notification' and then click on the Proceed button at the bottom.

Please give me some time to look over your log. I will post the reply as soon as possible.
Shannon

#6 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 07 January 2011 - 03:54 PM

Hi-

Thank you for the reports. We need to get one more scan.

We need to create an OTL Report
  • Please download OTL from here:
  • Main Mirror
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "Use SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them into your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

In your reply, please copy in the two OTL reports.
Shannon

#7 nfactr

nfactr
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:13 PM

Posted 07 January 2011 - 04:21 PM

Hi Shannon, thanks again, here are the two OLT files, extras first.

OTL Extras logfile created on: 1/7/2011 2:15:20 PM - Run 2
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Nate Webb\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30.01 Gb Total Space | 1.50 Gb Free Space | 4.99% Space Free | Partition Type: NTFS
Drive D: | 119.04 Gb Total Space | 74.43 Gb Free Space | 62.52% Space Free | Partition Type: NTFS
Drive E: | 56.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: YOUR-126BD50AE7 | User Name: Nate Webb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Summit\jre\bin\javaw.exe" = C:\Program Files\Summit\jre\bin\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Sprint\Sprint SmartView\bmop.exe" = C:\Program Files\Sprint\Sprint SmartView\bmop.exe:*:Enabled:Optimization Proxy -- (Bytemobile, Inc.)
"C:\Documents and Settings\Nate Webb\Local Settings\Temp\7zSB.tmp\setup\HPZnui01.exe" = C:\Documents and Settings\Nate Webb\Local Settings\Temp\7zSB.tmp\setup\HPZnui01.exe:*:Enabled:hpznui01.exe -- File not found
"C:\Program Files\Java\jre6\bin\javaws.exe" = C:\Program Files\Java\jre6\bin\javaws.exe:*:Enabled:Java™ Web Start Launcher -- (Sun Microsystems, Inc.)
"C:\Program Files\CAD Zone\Crash Zone 8\CrashZone.exe" = C:\Program Files\CAD Zone\Crash Zone 8\CrashZone.exe:*:Enabled:The CAD Zone Executable -- (The CAD Zone, Inc.)
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe:*:Enabled:RegSrvc -- (Intel® Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04E7A3BB-DB38-481C-A809-35FA60C78EDF}" = AVG 2011
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0B5F5D71-117C-4381-98AC-9DBDAD5AE1B6}" = MSN Toolbar Platform
"{0BC4864E-72C5-472D-8692-0E5971E0BD36}" = BPDSoftware_Ini
"{10829556-7C82-4a83-8C81-F2D98472C76B}" = H470
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{128E898B-69B7-4E0F-8F89-A95678725DA1}" = PC Information Viewer
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = B.H.A B's CLiP 7.19
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{324CEC09-007A-48eb-90E0-9D42D4D5EB0A}" = NetDeviceManager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{395A57A6-E0E1-C599-3A28-19A96682B4C6}" = Adobe Photoshop.com Inspiration Browser
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{49C85DEE-5BDB-4BA5-82A9-136CD33C34D1}" = Crash Zone 8.5
"{4DAC69B9-671A-4C10-8729-9F23EAA16B01}" = Mobile 4.5
"{5A15F754-086E-4185-96F4-0BC31F1A2382}" = HP Officejet H470 Series
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6673E0F4-D376-431b-A6F4-18D1B86B4A89}" = BPDSoftware
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B349DE1-590D-4506-B272-9115EC31F7D2}" = 470_Help
"{6DAA0AF0-3B51-4EE0-83CC-47A3582DFA51}" = Loupe Utility
"{6F32C767-F22F-4E3C-82D8-3A5265A7521D}" = Intel® PROSet/Wireless WiFi Software
"{6FE22909-D0D6-4111-ABCE-7F8D986C4A2A}" = Foxit PDF Preview Handler
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{833CF9E6-42DD-46EB-BC96-50A88FFC7A61}" = Foxit PDF Preview Handler for XP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84E0D40C-ED8E-48B2-83D2-4C11AB246F4A}" = Sprint SmartView
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{93994589-6A13-49BE-8AF6-12AAC9A28529}" = Icon Enlarger
"{943622A3-F5E9-464F-A025-90D02F3B8ACE}" = Hotkey Appendix
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9E384B32-59C8-46EF-BEA6-4DC8F27CDB8E}" = InstallVC90Support
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BA72A4E3-D2D0-4203-A17E-E53012B8807C}" = BPD_HPSU
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F86AED-BE9B-4C25-B3E0-11DBCD41B5A1}" = B.H.A B's Recorder GOLD9 BASIC 9.28
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD5C2205-7BAD-4B87-BF9A-2BAC626B29C8}" = Battery Recalibration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DEEFA812-64A6-4083-BB38-87F68B6BA820}" = Hotkey Settings
"{E022C318-BAC9-468D-8731-3C5EE63C7743}" = 470_Readme
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EE5F0136-2C7C-42a7-B1B0-5F12D107A0EE}" = ProductContext
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011
"{F7EF4647-BD46-431D-9D51-099C85EC9E6F}" = Spillman4.6
"{FD95D9B1-CD01-4240-BE5F-A2CA21B553BC}" = Wireless Switch Utility
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Active Desktop Calendar_is1" = Active Desktop Calendar 7.83
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"AVG" = AVG 2011
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.0.0.928
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_10F70000" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"ESD4.0.92" = Easy Street Draw 4
"FLV Player" = FLV Player 2.0 (build 25)
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IDrive_is1" = IDrive version 3.3.4 December 29, 2010
"ie8" = Windows Internet Explorer 8
"InstallShield_{49C85DEE-5BDB-4BA5-82A9-136CD33C34D1}" = Crash Zone 8.5
"InstallShield_{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PdaNet_is1" = PdaNet for Android 2.45
"PhotoModeler Pro 5" = PhotoModeler Pro 5
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"ProInst" = Intel PROSet Wireless
"PROR" = Microsoft Office Professional 2007 Trial
"SHARP PCL6 T1 Printer Driver" = SHARP PCL6 T1 Printer Driver
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The CAD Zone" = The CAD Zone
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Uninstall_is1" = Uninstall 1.0.0.1
"Wdf01001" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1603900153-3598018214-1350478042-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActSoft House Arrest Solution" = ActSoft House Arrest Solution

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/3/2011 7:36:52 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:53 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:53 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:53 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:53 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:54 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:54 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:55 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/3/2011 7:36:55 PM | Computer Name = YOUR-126BD50AE7 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 1/4/2011 5:45:08 PM | Computer Name = YOUR-126BD50AE7 | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 2/24/2010 8:10:00 PM | Computer Name = YOUR-126BD50AE7 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/31/2010 3:28:52 PM | Computer Name = YOUR-126BD50AE7 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 252
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/4/2011 7:42:24 PM | Computer Name = YOUR-126BD50AE7 | Source = Dhcp | ID = 1002
Description = The IP address lease 0.0.0.0 for the Network Card with network address
00215DC3C896 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a
DHCPNACK message).

Error - 1/5/2011 5:41:26 PM | Computer Name = YOUR-126BD50AE7 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.123.51 for the Network Card with network
address 00215DC3C896 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 1/5/2011 6:00:44 PM | Computer Name = YOUR-126BD50AE7 | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00215DC3C896. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 1/6/2011 3:54:39 PM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 1/6/2011 3:54:39 PM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 1/6/2011 3:54:39 PM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 1/6/2011 4:13:40 PM | Computer Name = YOUR-126BD50AE7 | Source = Service Control Manager | ID = 7034
Description = The IDriveE Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/7/2011 3:56:48 AM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 1/7/2011 3:56:48 AM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.

Error - 1/7/2011 3:56:48 AM | Computer Name = YOUR-126BD50AE7 | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission
can be modified using the Component Services administrative tool.


< End of report >



And OTL:

OTL logfile created on: 1/7/2011 2:15:20 PM - Run 2
OTL by OldTimer - Version 3.2.18.2 Folder = C:\Documents and Settings\Nate Webb\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 30.01 Gb Total Space | 1.50 Gb Free Space | 4.99% Space Free | Partition Type: NTFS
Drive D: | 119.04 Gb Total Space | 74.43 Gb Free Space | 62.52% Space Free | Partition Type: NTFS
Drive E: | 56.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: YOUR-126BD50AE7 | User Name: Nate Webb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/29 17:47:20 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nate Webb\Desktop\OTL.exe
PRC - [2010/12/21 18:44:44 | 002,311,624 | ---- | M] (Pro Softnet Corp.) -- C:\Program Files\IDrive\IDriveETray.exe
PRC - [2010/12/21 18:43:14 | 000,042,440 | ---- | M] (Pro-SoftNet Corp, U.S.A) -- C:\Program Files\IDrive\IDriveEBackground.exe
PRC - [2010/12/21 18:42:50 | 000,148,936 | ---- | M] (Pro Softnet Corporation) -- C:\Program Files\IDrive\IDriveE Service.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/11/18 18:26:54 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/06/08 16:20:54 | 000,075,072 | ---- | M] (Sprint) -- C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
PRC - [2010/06/08 15:48:38 | 000,316,736 | ---- | M] (C-motech Co.,Ltd) -- C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe
PRC - [2010/06/08 15:48:26 | 000,120,128 | ---- | M] (SmithMicro Inc.) -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
PRC - [2010/06/08 15:35:26 | 000,734,336 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Sprint\Sprint SmartView\bmop.exe
PRC - [2010/06/08 15:35:24 | 000,390,272 | ---- | M] (Bytemobile, Inc.) -- C:\Program Files\Sprint\Sprint SmartView\bmctl.exe
PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/01/11 13:10:52 | 000,082,944 | ---- | M] () -- C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
PRC - [2009/11/01 00:59:48 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe
PRC - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/08/24 10:14:26 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2009/08/13 12:59:38 | 005,631,488 | ---- | M] (XemiComputers ltd.) -- C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/07/01 11:32:08 | 000,819,200 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/07/01 11:15:18 | 001,351,680 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/07/01 11:07:22 | 000,901,120 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/07/01 10:54:30 | 001,191,936 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/07/01 10:52:18 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/06/12 20:29:50 | 000,796,008 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\WSwitch\WSwitch.exe
PRC - [2008/04/23 14:10:56 | 000,976,232 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\Hotkey Appendix\hkeyapp.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/04 21:00:10 | 000,189,800 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe
PRC - [2008/01/30 03:35:12 | 001,040,384 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008/01/29 14:14:28 | 000,884,736 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2008/01/28 22:08:26 | 002,839,880 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008/01/22 20:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2007/12/02 14:39:08 | 000,054,632 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe
PRC - [2007/10/29 14:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007/10/04 18:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007/06/15 12:59:14 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Program Files\B.H.A\Common\bgsvcg.exe
PRC - [2007/02/25 21:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/21 18:47:00 | 000,163,840 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMAsst.exe
PRC - [2006/09/03 17:47:00 | 000,110,592 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/10/14 01:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe


========== Modules (SafeList) ==========

MOD - [2010/12/29 17:47:20 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nate Webb\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/11/05 10:21:12 | 000,044,032 | ---- | M] () -- C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll
MOD - [2004/10/14 01:27:48 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/12/21 18:42:50 | 000,148,936 | ---- | M] (Pro Softnet Corporation) [Auto | Running] -- C:\Program Files\IDrive\IDriveE Service.exe -- (IDriveE Service)
SRV - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/08 15:48:26 | 000,120,128 | ---- | M] (SmithMicro Inc.) [On_Demand | Running] -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/01/11 13:10:52 | 000,082,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService)
SRV - [2009/12/23 14:01:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/06 06:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/08/24 10:14:26 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2008/07/01 11:32:08 | 000,819,200 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/07/01 11:07:22 | 000,901,120 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/07/01 10:52:18 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/04/04 21:00:10 | 000,189,800 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoSV.exe -- (PcInfoSV)
SRV - [2007/12/02 14:39:08 | 000,054,632 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\Program Files\Panasonic\pcinfo\PCInfoPi.exe -- (PcInfoPi)
SRV - [2007/06/15 12:59:14 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Program Files\B.H.A\Common\bgsvcg.exe -- (bgsvcg)
SRV - [2007/02/25 21:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/09/03 17:47:00 | 000,110,592 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/09/02 16:49:06 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pneteth.sys -- (pneteth)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/06/08 15:35:48 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2010/06/08 15:35:48 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2010/06/08 15:35:48 | 000,174,720 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2010/06/08 15:35:46 | 000,229,376 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2010/06/08 15:35:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010/06/08 15:35:20 | 000,038,680 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctnullport.sys -- (Nmea)
DRV - [2010/06/08 15:30:34 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2009/10/22 08:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/10/22 08:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009/09/10 14:48:30 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/11/24 17:04:10 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/06/26 06:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/06/10 19:15:00 | 006,021,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/05/05 23:01:50 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008/04/29 00:09:00 | 000,108,032 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/26 12:42:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/03/20 12:32:24 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/03/13 11:24:00 | 000,087,424 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID)
DRV - [2008/02/18 12:24:04 | 000,330,752 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008/01/22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008/01/11 12:18:02 | 000,021,632 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/01/11 12:18:02 | 000,019,840 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/01/11 12:18:02 | 000,012,416 | R--- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/12/26 15:14:28 | 000,114,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/11/29 16:47:36 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/11/29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/11/21 19:06:28 | 000,050,440 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\newmisc.sys -- (NewMisc)
DRV - [2007/11/13 23:48:20 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2007/10/02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/09/06 14:22:54 | 000,195,616 | ---- | M] (B.H.A Co.,Ltd.) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\BsUDF.sys -- (BsUDF)
DRV - [2007/07/23 08:59:12 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007/06/11 14:25:28 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/27 20:15:36 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/03/25 20:18:00 | 000,117,424 | ---- | M] (Matsubleepa Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2006/12/21 12:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/21 12:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/21 12:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/12/19 02:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rismc32.sys -- (rismc32)
DRV - [2006/12/18 21:28:46 | 000,017,192 | ---- | M] (B.H.A Co.,Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\bsstor.sys -- (BsStor)
DRV - [2006/11/13 11:48:36 | 000,019,840 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hotkey.sys -- (HOTKEY)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/10/10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/07/11 16:36:44 | 000,027,030 | ---- | M] (Fujitsu Component Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FIDTPU.sys -- (FIDTPU) Fujitsu Touch Panel (USB)
DRV - [2006/02/20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005/01/07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/10/14 01:14:04 | 000,185,728 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 62 83 00 93 AB CB 01 [binary data]
IE - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\Firefox [2009/11/15 15:34:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/10 13:43:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{25068E37-F6D0-4A03-A302-F30312992E79}: C:\Documents and Settings\Nate Webb\Local Settings\Application Data\{25068E37-F6D0-4A03-A302-F30312992E79} [2010/07/14 14:46:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/11/18 18:26:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/01/03 16:35:45 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/04/05 17:17:41 | 000,000,769 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.twitter.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Panasonic Hotkey Manager] C:\Program Files\Panasonic\Hotkey Appendix\hkeyapp.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - HKLM..\Run: [PCinfo] C:\Program Files\Panasonic\pcinfo\PcInfoUt.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - HKLM..\Run: [PRunOnce] C:\util\prunonce\PRunOnce.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - HKLM..\Run: [RDVCHG] C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe (C-motech Co.,Ltd)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Sprint SmartView] C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe (Sprint)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WSwitch] C:\Program Files\Panasonic\WSwitch\WSwitch.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe (XemiComputers ltd.)
O4 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005..\Run: [IDriveE Startup] C:\Program Files\IDrive\IDrvieEStartup.exe (Pro Softnet Corporation)
O4 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMAsst.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Nate Webb\Start Menu\Programs\Startup\IDrive Tray.lnk = C:\Program Files\IDrive\IDriveEReg2ini.exe (Pro Softnet Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://chat.bresnan.com/sdccommon/download/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250554622673 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (tanevalu.dll) - C:\WINDOWS\System32\TANEVALU.DLL ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Nate Webb\Application Data\XemiComputers\Active Desktop Calendar\Desktop\Active Desktop Calendar.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nate Webb\Application Data\XemiComputers\Active Desktop Calendar\Desktop\Active Desktop Calendar.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/17 13:43:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/14 09:51:10 | 000,000,028 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{eb344e86-7dca-11df-b81a-001e3daf5c16}\Shell - "" = AutoRun
O33 - MountPoints2\{eb344e86-7dca-11df-b81a-001e3daf5c16}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{eb344e86-7dca-11df-b81a-001e3daf5c16}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/03 16:46:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nate Webb\Recent
[2011/01/03 16:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/01/03 16:35:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/01/02 02:06:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/12/29 23:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nate Webb\Desktop\gmer
[2010/12/29 19:18:14 | 000,229,376 | ---- | C] (Pro-SoftNet Corporation, USA) -- C:\WINDOWS\System32\IDrLocale.dll
[2010/12/29 19:18:12 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\WINDOWS\System32\XceedCry.dll
[2010/12/29 19:18:11 | 001,302,528 | ---- | C] (Pro Soft Net Corporation) -- C:\WINDOWS\System32\IDriveEService.dll
[2010/12/29 19:18:11 | 000,135,168 | ---- | C] (Pro-Softnet Corporation) -- C:\WINDOWS\System32\LogMail.dll
[2010/12/29 19:18:11 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2010/12/29 19:18:10 | 000,644,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010/12/29 19:18:10 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX
[2010/12/29 19:18:10 | 000,143,360 | ---- | C] (Herman & Associates) -- C:\WINDOWS\System32\HLButton.ocx
[2010/12/29 19:18:10 | 000,086,016 | ---- | C] (Streamnet India) -- C:\WINDOWS\System32\IBwinUtil.ocx
[2010/12/29 19:18:10 | 000,028,672 | ---- | C] (Checks Unlimited) -- C:\WINDOWS\System32\Disable_X.ocx
[2010/12/29 19:18:10 | 000,024,576 | ---- | C] (Streamnet India) -- C:\WINDOWS\System32\IBcalendarser.ocx
[2010/12/29 19:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\IDrive
[2010/12/29 18:25:55 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/12/29 18:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/12/29 17:47:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Nate Webb\Desktop\OTL.exe
[2010/12/15 04:30:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 04:27:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/07 13:35:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/07 08:19:02 | 103,672,065 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/07 00:56:13 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/07 00:56:10 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/07 00:55:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/07 00:55:37 | 2074,873,856 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/06 12:25:58 | 000,011,492 | ---- | M] () -- D:\My Documents\vrzon.docx
[2011/01/05 20:08:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/05 17:43:07 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2011/01/05 14:21:05 | 000,016,204 | ---- | M] () -- D:\My Documents\NANI RESUME.docx
[2011/01/05 14:21:05 | 000,000,162 | -H-- | M] () -- D:\My Documents\~$NI RESUME.docx
[2011/01/05 00:24:11 | 000,026,880 | ---- | M] () -- D:\My Documents\Curriculum Vitae.docx
[2011/01/04 19:08:20 | 000,010,898 | ---- | M] () -- D:\My Documents\stat1.xlsx
[2011/01/03 16:36:22 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/12/30 21:13:46 | 000,038,175 | ---- | M] () -- D:\My Documents\complete.docx
[2010/12/30 20:53:46 | 000,044,205 | ---- | M] () -- D:\My Documents\resume.docx
[2010/12/29 23:15:43 | 000,288,107 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\gmer.zip
[2010/12/29 23:08:53 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\dds.scr
[2010/12/29 23:06:32 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Nate Webb\defogger_reenable
[2010/12/29 23:06:22 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\Defogger.exe
[2010/12/29 19:18:13 | 000,001,591 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Application Data\Microsoft\Internet Explorer\Quick Launch\IDrive.lnk
[2010/12/29 19:18:13 | 000,001,585 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Start Menu\Programs\Startup\IDrive Tray.lnk
[2010/12/29 19:18:13 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\IDrive.lnk
[2010/12/29 17:47:20 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nate Webb\Desktop\OTL.exe
[2010/12/28 17:22:08 | 082,568,190 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\WS310346.WMA
[2010/12/27 15:36:52 | 000,000,020 | ---- | M] () -- C:\WINDOWS\System32\TANEVALU.DLL
[2010/12/22 08:49:26 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\liz email.wps
[2010/12/21 00:50:01 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 11:21:14 | 001,302,528 | ---- | M] (Pro Soft Net Corporation) -- C:\WINDOWS\System32\IDriveEService.dll
[2010/12/17 21:28:44 | 000,040,743 | ---- | M] () -- C:\WINDOWS\PhotoModelerPro5.ini
[2010/12/14 01:25:31 | 000,015,986 | ---- | M] () -- D:\My Documents\christmas card list.docx
[2010/12/13 22:55:42 | 000,011,094 | ---- | M] () -- D:\My Documents\usu banner.docx
[2010/12/11 14:37:00 | 000,041,534 | ---- | M] () -- C:\Documents and Settings\Nate Webb\Desktop\Nate Webb Letter.pdf
[2010/12/09 01:00:24 | 000,013,039 | ---- | M] () -- D:\My Documents\dinner list.docx
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/07 08:19:02 | 103,672,065 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/06 12:25:55 | 000,011,492 | ---- | C] () -- D:\My Documents\vrzon.docx
[2011/01/05 14:21:05 | 000,016,204 | ---- | C] () -- D:\My Documents\NANI RESUME.docx
[2011/01/05 14:21:05 | 000,000,162 | -H-- | C] () -- D:\My Documents\~$NI RESUME.docx
[2011/01/04 17:17:48 | 000,010,898 | ---- | C] () -- D:\My Documents\stat1.xlsx
[2011/01/03 16:36:22 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/12/30 21:13:45 | 000,038,175 | ---- | C] () -- D:\My Documents\complete.docx
[2010/12/30 16:06:05 | 000,026,880 | ---- | C] () -- D:\My Documents\Curriculum Vitae.docx
[2010/12/29 23:15:43 | 000,288,107 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\gmer.zip
[2010/12/29 23:08:41 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\dds.scr
[2010/12/29 23:06:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Nate Webb\defogger_reenable
[2010/12/29 23:06:22 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\Defogger.exe
[2010/12/29 22:38:36 | 000,044,205 | ---- | C] () -- D:\My Documents\resume.docx
[2010/12/29 19:18:13 | 000,001,591 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Application Data\Microsoft\Internet Explorer\Quick Launch\IDrive.lnk
[2010/12/29 19:18:13 | 000,001,585 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Start Menu\Programs\Startup\IDrive Tray.lnk
[2010/12/29 19:18:13 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\IDrive.lnk
[2010/12/29 19:18:12 | 000,569,368 | ---- | C] () -- C:\WINDOWS\System32\olelib.tlb
[2010/12/29 19:18:12 | 000,022,212 | ---- | C] () -- C:\WINDOWS\System32\olelib2.tlb
[2010/12/29 19:18:12 | 000,003,841 | ---- | C] () -- C:\WINDOWS\System32\server.pem
[2010/12/29 19:18:11 | 000,147,130 | ---- | C] () -- C:\WINDOWS\System32\CRYPT32.LIB
[2010/12/29 19:18:11 | 000,117,982 | ---- | C] () -- C:\WINDOWS\System32\ADVAPI32.LIB
[2010/12/29 19:18:11 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2010/12/29 19:18:11 | 000,026,032 | ---- | C] () -- C:\WINDOWS\System32\IDriveEXceedCryReg.exe
[2010/12/29 19:18:11 | 000,000,095 | ---- | C] () -- C:\WINDOWS\System32\RegisterIDriveEDll.bat
[2010/12/29 19:18:10 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\IBColIml.ocx
[2010/12/29 19:18:10 | 000,000,730 | ---- | C] () -- C:\WINDOWS\System32\rootcert.pem
[2010/12/29 17:22:07 | 2074,873,856 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/28 20:23:17 | 082,568,190 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\WS310346.WMA
[2010/12/27 15:36:51 | 000,000,020 | ---- | C] () -- C:\WINDOWS\System32\TANEVALU.DLL
[2010/12/22 09:03:52 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\liz email.wps
[2010/12/13 22:45:31 | 000,011,094 | ---- | C] () -- D:\My Documents\usu banner.docx
[2010/12/11 14:37:00 | 000,041,534 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Desktop\Nate Webb Letter.pdf
[2010/12/09 01:00:12 | 000,013,039 | ---- | C] () -- D:\My Documents\dinner list.docx
[2010/02/24 17:37:07 | 000,014,558 | -HS- | C] () -- C:\Documents and Settings\Nate Webb\Local Settings\Application Data\684u2uVf
[2010/02/08 00:31:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Player.INI
[2010/02/04 19:51:18 | 000,038,444 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Application Data\Comma Separated Values (Windows).ADR
[2009/11/24 04:40:15 | 000,040,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\Usbkey.sys
[2009/11/24 04:40:15 | 000,020,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parclass.sys
[2009/11/24 04:40:11 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\NWKL2_32.DLL
[2009/11/24 04:40:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\KL2DLL32.DLL
[2009/11/24 04:40:11 | 000,012,480 | ---- | C] () -- C:\WINDOWS\System32\KL2N.DLL
[2009/11/24 04:40:11 | 000,008,968 | ---- | C] () -- C:\WINDOWS\System32\KL2DLL.DLL
[2009/11/24 04:40:11 | 000,007,440 | ---- | C] () -- C:\WINDOWS\System32\ppmon.dll
[2009/11/24 04:33:37 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2009/11/21 00:52:52 | 000,040,743 | ---- | C] () -- C:\WINDOWS\PhotoModelerPro5.ini
[2009/10/05 16:13:11 | 000,002,240 | ---- | C] () -- C:\WINDOWS\esd3x.ini
[2009/10/05 16:13:10 | 000,002,287 | ---- | C] () -- C:\WINDOWS\esd3de.ini
[2009/09/10 03:30:08 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Nate Webb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/04 19:12:04 | 000,000,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/08/19 02:49:21 | 000,172,128 | ---- | C] () -- C:\WINDOWS\_isusr32.dll
[2009/08/19 02:49:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2009/08/17 16:47:25 | 000,000,087 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/26 16:38:12 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/05/07 01:06:58 | 000,002,487 | ---- | C] () -- C:\WINDOWS\esd4deold.ini
[2009/05/07 01:06:58 | 000,002,454 | ---- | C] () -- C:\WINDOWS\esd4de.ini
[2009/05/07 01:06:58 | 000,002,125 | ---- | C] () -- C:\WINDOWS\esd4xold.ini
[2009/05/07 01:06:58 | 000,002,125 | ---- | C] () -- C:\WINDOWS\esd4x.ini
[2008/07/04 13:38:51 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/06/20 16:16:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008/06/20 14:07:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4957.dll
[2008/06/17 15:46:31 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/06/17 15:46:31 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/06/17 15:46:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/06/17 15:46:31 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/06/17 15:46:31 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/06/17 15:46:31 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/06/17 06:40:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/17 06:05:38 | 000,002,190 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/04/29 14:42:24 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2007/12/21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2007/11/05 21:26:16 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

< End of report >


Thank you!!!

#8 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 07 January 2011 - 06:25 PM

Hi-

Thanks for the OTL reports. It is time to start cleaning.

First, we need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Posted Image and then on "Advanced Mode"
    Posted Image
  • You may be presented with a warning dialog. If so, press Posted Image
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck this checkbox:
    Posted Image
  • Close/Exit Spybot Search and Destroy
Next, we need to run an OTL Fix.
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
:OTL
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-1603900153-3598018214-1350478042-1005\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - AppInit_DLLs: (tanevalu.dll) - C:\WINDOWS\System32\TANEVALU.DLL ()
[2010/12/27 15:36:52 | 000,000,020 | ---- | M] () -- C:\WINDOWS\System32\TANEVALU.DLL
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.
  • If you have to reboot, once back up, open the C:\_OTL\MovedFiles folder and copy the newest log into your next reply.

In your reply, please copy in the OTL Fix report. Also, let me know how your computer is doing now.
Shannon

#9 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 11 January 2011 - 12:43 PM

Hi-

Are you still there?
Shannon

#10 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:13 AM

Posted 14 January 2011 - 12:50 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
Shannon




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users