Irregular Google Search Hijack
Oct 8 2009, 02:12 AM
Post #1
New Member | Posts: 3 | OS: vista 64
This problem has been going on for a while and it is driving me crazy. The links being returned by Google after a search are irregularly redirecting me to a new page. It only happens about half of the time. I have an updated Norton on my machine and I have run countless anti-spyware programs, including Malwarebytes, without solving the problem. I have followed all of the instructions in the guide for this forum and I am still having the problem. Any help in solving this would be greatly appreciated. Below I will post the MBAM log (I will post the earlier one that found an infection, although I did just rerun it with 0 infections found) and the OTL log. I was unable to run the rootkit program because it is not compatible with 64-bit systems (I have Vista 64).
Malwarebytes' Anti-Malware 1.41 Database version: 2847 Windows 6.0.6001 Service Pack 1 9/22/2009 8:48:03 PM mbam-log-2009-09-22 (20-48-03).txt Scan type: Quick Scan Objects scanned: 105244 Time elapsed: 10 minute(s), 41 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) -------------------------------------------- OTL logfile created on: 10/7/2009 9:49:23 PM - Run 1 OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Devin\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.93 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 62.72% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.51 Gb Total Space | 160.45 Gb Free Space | 56.20% Space Free | Partition Type: NTFS Drive D: | 12.58 Gb Total Space | 1.99 Gb Free Space | 15.80% Space Free | Partition Type: NTFS E: Drive not present or media not loaded Drive F: | 976.13 Mb Total Space | 776.89 Mb Free Space | 79.59% Space Free | Partition Type: FAT G: Drive 
not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DEVIN-PC Current User Name: Devin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe PRC - [2008/06/09 07:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2008/06/09 07:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2008/12/17 14:11:40 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe PRC - [2008/09/15 04:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008/09/15 04:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008/09/15 04:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2008/09/15 04:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe PRC - [2009/08/21 21:28:17 | 00,117,640 
| R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe PRC - [2008/03/19 20:25:42 | 00,668,328 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe PRC - [2008/03/19 20:25:44 | 00,107,176 | ---- | M] (Lexmark International Inc.) 
-- C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe PRC - [2008/03/19 20:25:44 | 00,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe PRC - [2008/03/19 20:25:44 | 00,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe PRC - [2008/03/19 20:25:44 | 00,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe PRC - [2006/09/11 04:40:32 | 00,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe PRC - [2008/11/28 15:04:26 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008/12/25 10:41:16 | 01,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe PRC - [2008/12/25 10:41:20 | 00,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008/10/10 10:24:44 | 00,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2008/12/08 13:34:24 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe PRC - [2008/12/08 13:34:24 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe PRC - [2006/11/01 23:45:35 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\regsvr32.exe PRC - [2006/11/01 23:45:35 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\regsvr32.exe PRC - [2008/10/23 10:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
-- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2008/10/23 10:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2008/11/19 07:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe PRC - [2008/10/22 08:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe PRC - [2008/10/22 08:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe PRC - [2008/10/22 08:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe PRC - [2008/10/22 08:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe PRC - [2009/10/07 21:45:58 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Devin\Downloads\OTL.exe PRC - [2009/10/07 21:45:58 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Devin\Downloads\OTL.exe PRC - [2009/10/07 21:45:58 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Devin\Downloads\OTL.exe PRC - [2009/09/11 20:15:18 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2008/06/27 05:53:06 | 00,089,088 | ---- | M] () -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe -- (AESTFilters [Auto | Running]) SRV:64bit: - [2009/01/13 06:36:30 | 00,053,760 | ---- | M] () -- C:\Windows\SysNative\bthserv.dll -- (BthServ [Auto | Running]) SRV:64bit: - [2008/03/18 13:25:40 | 00,023,040 | ---- | M] () -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv [Auto | Running]) SRV:64bit: - [2008/02/27 14:53:29 | 00,033,960 | ---- | M] () -- C:\Windows\SysNative\spool\DRIVERS\x64\3\lxdxserv.exe -- (lxdxCATSCustConnectService [Auto | Stopped]) SRV:64bit: - [2008/02/27 
14:53:31 | 01,044,648 | ---- | M] () -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device [Auto | Running]) SRV:64bit: - [2008/10/26 10:49:46 | 00,279,040 | ---- | M] () -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe -- (STacSV [Auto | Running]) SRV:64bit: - [2008/01/20 16:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped]) SRV:64bit: - [2008/01/20 16:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2008/07/27 08:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2008/07/27 08:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) SRV - [2008/11/19 07:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx [On_Demand | Running]) SRV - [2008/01/20 16:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped]) SRV - [2008/01/20 16:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped]) SRV - [2006/11/02 05:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped]) SRV - [2008/06/19 15:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running]) SRV - [2009/05/31 21:33:32 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate1c9e28b48f53210 [Auto | Stopped]) SRV - [2009/05/31 21:32:58 | 00,183,280 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped]) SRV - [2008/10/09 05:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running]) SRV - [2008/10/23 10:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [On_Demand | Running]) SRV - [2005/11/13 23:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped]) SRV - [2008/06/19 15:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) 
-- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped]) SRV - [2006/11/01 23:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Running]) SRV - [2009/09/28 18:58:09 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [On_Demand | Stopped]) SRV - [2008/06/09 07:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2008/02/27 14:53:25 | 00,594,600 | ---- | M] ( ) -- C:\Windows\SysWow64\lxdxcoms.exe -- (lxdx_device [Auto | Running]) SRV - [2006/11/02 03:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped]) SRV - [2008/01/20 16:48:28 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [Disabled | Stopped]) SRV - [2009/08/21 21:28:17 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe -- (Norton Internet Security [Auto | Running]) SRV - [2008/12/17 14:11:40 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows [Auto | Running]) SRV - [2008/09/15 04:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running]) SRV - [2006/11/01 20:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped]) SRV - [2006/11/01 20:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV:64bit: - [2008/03/27 09:10:14 | 00,040,296 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer [On_Demand | Running]) DRV:64bit: - [2009/04/27 00:25:51 | 01,526,776 | ---- | M] () -- 
C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX [On_Demand | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 00,334,384 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\BHDrvx64.sys -- (BHDrvx64 [System | Running]) DRV:64bit: - [2009/01/13 06:36:30 | 00,026,624 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum [On_Demand | Running]) DRV:64bit: - [2008/01/20 16:47:02 | 00,115,712 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan [On_Demand | Stopped]) DRV:64bit: - [2009/01/13 06:36:30 | 00,694,784 | ---- | M] () -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT [On_Demand | Stopped]) DRV:64bit: - [2009/01/13 06:36:30 | 00,035,840 | ---- | M] () -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB [On_Demand | Running]) DRV:64bit: - [2008/06/23 01:54:02 | 00,091,176 | ---- | M] () -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio [On_Demand | Running]) DRV:64bit: - [2008/06/23 01:54:02 | 00,099,368 | ---- | M] () -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt [On_Demand | Running]) DRV:64bit: - [2008/06/23 01:54:02 | 00,019,752 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid [On_Demand | Running]) DRV:64bit: - [2009/09/10 20:13:14 | 00,583,296 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\ccHPx64.sys -- (ccHP [System | Running]) DRV:64bit: - [2008/01/20 16:46:51 | 00,017,792 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt [On_Demand | Running]) DRV:64bit: - [2008/09/04 07:48:00 | 00,064,000 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir [On_Demand | Running]) DRV:64bit: - [2009/03/19 16:34:18 | 00,029,544 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV:64bit: - [2007/03/08 22:19:00 | 00,012,800 | ---- | M] () -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb [On_Demand | Stopped]) DRV:64bit: - [2006/11/01 19:28:10 | 00,273,920 | ---- 
| M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped]) DRV:64bit: - [2008/03/27 09:10:56 | 00,026,984 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt [Boot | Running]) DRV:64bit: - [2007/06/18 14:13:12 | 00,018,432 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr [On_Demand | Running]) DRV:64bit: - [2008/10/27 22:33:30 | 08,039,808 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx [On_Demand | Running]) DRV:64bit: - [2008/09/21 19:49:58 | 00,126,464 | ---- | M] () -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService [On_Demand | Running]) DRV:64bit: - [2009/07/03 04:49:17 | 00,068,640 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd [Boot | Running]) DRV:64bit: - [2008/01/20 16:46:57 | 03,154,432 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64 [On_Demand | Stopped]) DRV:64bit: - [2009/01/13 06:36:30 | 00,178,688 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM [On_Demand | Running]) DRV:64bit: - [2008/08/06 06:26:08 | 00,174,592 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169 [On_Demand | Running]) DRV:64bit: - [2008/09/19 14:43:58 | 00,068,096 | ---- | M] () -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR [On_Demand | Running]) DRV:64bit: - [2008/01/20 16:46:55 | 00,111,104 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus [On_Demand | Stopped]) DRV:64bit: - [2009/08/21 21:28:17 | 00,476,720 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\SRTSP64.SYS -- (SRTSP [On_Demand | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 00,032,304 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007020.00B\SRTSPX64.SYS -- (SRTSPX [System | Running]) DRV:64bit: - [2008/10/26 10:50:58 | 00,469,504 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA [On_Demand | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 
00,402,992 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007020.00B\SYMEFA64.SYS -- (SymEFA [Boot | Running]) DRV:64bit: - [2009/09/10 16:26:26 | 00,172,592 | ---- | M] () -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent [On_Demand | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 00,120,880 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\SYMFW.SYS -- (SYMFW [On_Demand | Running]) DRV:64bit: - [2009/08/18 09:11:43 | 00,031,280 | R--- | M] () -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM [System | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 00,056,880 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\SYMNDISV.SYS -- (SYMNDISV [On_Demand | Running]) DRV:64bit: - [2009/08/21 21:28:17 | 00,278,576 | ---- | M] () -- C:\Windows\SysNative\Drivers\NISx64\1007020.00B\SYMTDI.SYS -- (SYMTDI [System | Running]) DRV:64bit: - [2008/07/24 06:48:10 | 00,250,928 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running]) DRV:64bit: - [2009/06/05 11:42:38 | 00,048,640 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64 [On_Demand | Stopped]) DRV:64bit: - [2008/01/20 16:47:27 | 00,168,704 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo [On_Demand | Running]) DRV:64bit: - [2008/01/20 16:47:28 | 00,046,080 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb [On_Demand | Stopped]) DRV:64bit: - [2006/10/03 15:45:36 | 00,273,408 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64 [On_Demand | Stopped]) DRV - [1999/09/10 12:06:00 | 00,025,244 | ---- | M] (Adaptec) -- C:\Windows\SysWow64\drivers\ASPI32.SYS -- (ASPI32 [System | Stopped]) DRV - [2009/08/25 22:00:00 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl [System | Running]) DRV - [2009/08/25 22:00:00 | 00,132,656 | ---- | M] (Symantec Corporation) -- C:\Program Files 
(x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv [On_Demand | Running]) DRV - [2009/09/10 10:10:17 | 00,466,480 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090916.003\IDSvia64.sys -- (IDSVia64 [System | Running]) DRV - [2006/09/18 11:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running]) DRV - [2009/08/24 22:00:00 | 00,116,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091007.021\ENG64.SYS -- (NAVENG [On_Demand | Running]) DRV - [2009/08/24 22:00:00 | 01,742,896 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091007.021\EX64.SYS -- (NAVEX15 [On_Demand | Running]) DRV - [2006/09/18 11:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running]) DRV - [2008/11/28 15:04:24 | 00,146,928 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49} [Auto | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 19:45:14 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/09/11 20:15:21 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/09/11 20:15:21 | 00,000,000 | ---D | M] [2009/10/07 21:37:00 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2009/09/11 20:15:21 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/08/30 07:36:39 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009/09/11 20:15:18 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll [2009/09/11 20:15:18 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll [2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2009/09/11 20:15:19 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009/06/28 20:24:17 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2009/06/28 20:24:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2009/04/23 14:39:08 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml [2009/04/23 14:39:08 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009/04/23 14:39:08 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009/04/23 14:39:08 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml [2009/04/23 14:39:08 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2009/04/23 14:39:08 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files 
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.) 
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe () O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe () O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe () O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe () O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [P2GVideo] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWow64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll ()
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs:64bit: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs:64bit: Ias - Service key not found. File not found
NetSvcs:64bit: Irmon - Service key not found. File not found
NetSvcs:64bit: Nla - Service key not found. File not found
NetSvcs:64bit: Ntmssvc - Service key not found. File not found
NetSvcs:64bit: NWCWorkstation - Service key not found. File not found
NetSvcs:64bit: Nwsapagent - Service key not found. File not found
NetSvcs:64bit: SRService - Service key not found. File not found
NetSvcs:64bit: Wmi - Service key not found. File not found
NetSvcs:64bit: WmdmPmSp - Service key not found. File not found
NetSvcs:64bit: LogonHours - Service key not found. File not found
NetSvcs:64bit: PCAudit - Service key not found. File not found
NetSvcs:64bit: helpsvc - Service key not found. File not found
NetSvcs:64bit: uploadmgr - Service key not found. File not found
NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/09/28 18:55:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data
[2009/09/28 18:55:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data\Microsoft
[2009/10/04 19:25:51 | 00,000,000 | ---D | C] -- C:\Users\Devin\AppData\Local\Adobe
[2009/10/07 21:18:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2009/09/11 08:42:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2009/09/28 18:55:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2009/10/04 09:31:43 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/09/11 14:21:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Minitab 15
[2009/09/29 11:34:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2009/10/04 10:08:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/07 21:29:13 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kerberos.dll
[2009/10/07 21:29:11 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/07 21:29:11 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdigest.dll
[2009/10/07 21:29:10 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/10/07 21:29:08 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009/10/07 21:18:50 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/05 13:30:06 | 00,000,000 | ---D | C] -- C:\Users\Devin\Desktop\New Folder
[2009/10/04 14:13:55 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/10/04 14:13:52 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CF15537.exe
[2009/10/04 14:13:26 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\swsc.exe
[2009/10/04 14:12:58 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/04 14:12:52 | 00,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
[2009/10/04 09:31:45 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/09/29 16:59:33 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/09/23 08:38:10 | 00,000,000 | ---D | C] -- C:\Users\Devin\Desktop\SpiderPics
[2009/09/11 14:22:42 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\E177E04D548C4006A465EEB92D3DE021
[2009/09/09 15:24:09 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009/09/09 15:22:22 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2009/09/09 15:22:16 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2009/09/09 15:22:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2009/09/09 15:22:16 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2009/09/09 15:22:15 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2009/09/09 15:22:15 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2009/09/09 15:22:15 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2009/09/09 15:22:15 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2009/09/09 15:22:13 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2009/09/09 15:20:12 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009/09/09 15:20:11 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009/09/09 15:19:45 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2009/09/09 15:19:45 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2009/09/09 15:19:45 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2009/05/05 17:45:16 | 00,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2009/05/05 17:45:16 | 00,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2009/05/05 17:45:13 | 00,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2009/05/05 17:45:10 | 01,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2009/05/05 17:45:10 | 00,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2009/05/05 17:45:09 | 00,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2009/05/05 17:45:09 | 00,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll
[2009/05/05 17:45:08 | 00,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2009/05/05 17:45:07 | 00,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2009/05/05 17:45:06 | 00,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll

========== Files - Modified Within 30 Days ==========

[2009/10/07 21:39:11 | 00,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/10/07 21:37:07 | 00,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/07 21:37:05 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/07 21:37:03 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/07 21:36:58 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/07 21:36:22 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/07 21:36:00 | 42,228,20352 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/07 21:30:54 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/10/07 21:30:34 | 03,325,788 | -H-- | M] () -- C:\Users\Devin\AppData\Local\IconCache.db
[2009/10/07 21:29:52 | 01,945,084 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007020.00B\Cat.DB
[2009/10/07 21:28:00 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/07 21:18:27 | 00,000,723 | ---- | M] () -- C:\Users\Devin\Desktop\NTREGOPT.lnk
[2009/10/07 21:18:27 | 00,000,704 | ---- | M] () -- C:\Users\Devin\Desktop\ERUNT.lnk
[2009/10/06 21:14:59 | 00,000,680 | ---- | M] () -- C:\Users\Devin\AppData\Local\d3d9caps.dat
[2009/10/05 13:55:54 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/05 13:55:54 | 00,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/05 13:55:54 | 00,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/05 13:53:56 | 28,141,788 | ---- | M] () -- C:\Users\Devin\Desktop\New Spider Pics.zip
[2009/10/04 14:13:27 | 00,008,704 | ---- | M] () -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/04 14:12:53 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
[2009/10/04 14:12:53 | 00,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\CF15537.exe
[2009/10/04 10:08:20 | 00,001,888 | ---- | M] () -- C:\Users\Devin\Desktop\HijackThis.lnk
[2009/10/04 09:31:48 | 00,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/30 20:26:49 | 00,222,720 | ---- | M] () -- C:\Users\Devin\Desktop\HI-frozen-samples-labels.doc
[2009/09/30 16:01:50 | 00,038,400 | ---- | M] () -- C:\Users\Devin\Desktop\HI-taxa.xls
[2009/09/30 16:01:13 | 01,921,024 | ---- | M] () -- C:\Users\Devin\Desktop\HI-tullgren-samples-tosort-labels(2).doc
[2009/09/28 18:58:49 | 00,015,688 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2009/09/28 18:55:58 | 00,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/09/27 19:32:30 | 00,209,920 | ---- | M] () -- C:\Users\Devin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/21 10:34:00 | 00,032,768 | ---- | M] () -- C:\Users\Devin\Desktop\Spider collection list.xls
[2009/09/11 14:22:14 | 00,000,064 | ---- | M] () -- C:\Windows\minitab.ini
[2009/09/10 20:27:31 | 00,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2009/09/10 20:13:14 | 00,583,296 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007020.00B\cchpx64.sys
[2009/09/10 20:13:13 | 00,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1007020.00B\isolate.ini
[2009/09/10 16:26:26 | 00,172,592 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2009/09/10 16:26:26 | 00,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2009/09/10 16:26:26 | 00,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2009/09/10 14:54:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/09/10 14:53:52 | 00,022,104 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009/09/09 16:09:43 | 64,545,9883 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files - No Company Name ==========

[2009/10/07 21:29:14 | 01,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009/10/07 21:29:14 | 00,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2009/10/07 21:29:14 | 00,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2009/10/07 21:29:11 | 00,338,944 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009/10/07 21:29:11 | 00,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2009/10/07 21:29:10 | 00,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2009/10/07 21:29:09 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2009/10/07 21:29:08 | 00,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009/10/07 21:18:27 | 00,000,723 | ---- | C] () -- C:\Users\Devin\Desktop\NTREGOPT.lnk
[2009/10/07 21:18:27 | 00,000,704 | ---- | C] () -- C:\Users\Devin\Desktop\ERUNT.lnk
[2009/10/05 13:53:53 | 28,141,788 | ---- | C] () -- C:\Users\Devin\Desktop\New Spider Pics.zip
[2009/10/04 14:13:27 | 00,008,704 | ---- | C] () -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/04 10:08:20 | 00,001,888 | ---- | C] () -- C:\Users\Devin\Desktop\HijackThis.lnk
[2009/10/04 09:31:48 | 00,000,808 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/09/30 16:01:50 | 00,038,400 | ---- | C] () -- C:\Users\Devin\Desktop\HI-taxa.xls
[2009/09/30 16:01:42 | 00,222,720 | ---- | C] () -- C:\Users\Devin\Desktop\HI-frozen-samples-labels.doc
[2009/09/30 16:01:05 | 01,921,024 | ---- | C] () -- C:\Users\Devin\Desktop\HI-tullgren-samples-tosort-labels(2).doc
[2009/09/28 20:03:40 | 00,015,688 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2009/09/28 18:59:05 | 00,068,640 | ---- | C] () -- C:\Windows\SysNative\drivers\Lbd.sys
[2009/09/28 18:55:58 | 00,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/09/23 08:28:00 | 00,000,680 | ---- | C] () -- C:\Users\Devin\AppData\Local\d3d9caps.dat
[2009/09/22 20:34:51 | 00,022,104 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009/09/18 21:50:22 | 00,032,768 | ---- | C] () -- C:\Users\Devin\Desktop\Spider collection list.xls
[2009/09/11 14:22:18 | 00,000,006 | -HS- | C] () -- C:\Users\Devin\AppData\Local\desktop.ini
[2009/09/11 14:22:14 | 00,000,064 | ---- | C] () -- C:\Windows\minitab.ini
[2009/09/10 16:52:27 | 00,031,280 | R--- | C] () -- C:\Windows\SysNative\drivers\SymIMV.sys
[2009/09/09 15:24:09 | 00,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2009/09/09 15:22:24 | 01,418,840 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/09/09 15:22:22 | 00,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll
[2009/09/09 15:22:17 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE
[2009/09/09 15:22:16 | 00,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE
[2009/09/09 15:22:16 | 00,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE
[2009/09/09 15:22:15 | 00,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE
[2009/09/09 15:22:15 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe
[2009/09/09 15:22:15 | 00,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2009/09/09 15:22:15 | 00,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2009/09/09 15:22:13 | 00,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2009/09/09 15:20:15 | 02,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2009/09/09 15:20:11 | 03,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2009/09/09 15:19:47 | 02,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2009/09/09 15:19:45 | 00,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll
[2009/09/09 15:19:45 | 00,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll
[2009/09/09 15:19:45 | 00,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll
[2009/09/09 15:19:45 | 00,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll
[2009/09/09 15:19:45 | 00,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll
[2009/09/09 15:19:45 | 00,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll
[2009/06/28 18:11:17 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/05 17:48:00 | 00,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2009/05/05 17:48:00 | 00,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2009/05/05 17:47:59 | 00,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2009/05/05 17:45:18 | 00,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2009/05/05 17:45:17 | 00,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2009/05/04 17:52:38 | 00,000,415 | ---- | C] () -- C:\Windows\ArcView9x.INI
[2009/05/03 17:25:00 | 00,000,307 | ---- | C] () -- C:\Windows\olx98NT.sys
[2009/05/03 10:20:43 | 00,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/05/03 10:20:43 | 00,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/02 18:11:12 | 00,209,920 | ---- | C] () -- C:\Users\Devin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/01 18:13:54 | 03,325,788 | -H-- | C] () -- C:\Users\Devin\AppData\Local\IconCache.db
[2009/05/01 17:15:31 | 00,000,000 | ---- | C] () -- C:\Users\Devin\AppData\Local\QSwitch.txt
[2009/05/01 17:15:31 | 00,000,000 | ---- | C] () -- C:\Users\Devin\AppData\Local\DSwitch.txt
[2009/05/01 17:15:31 | 00,000,000 | ---- | C] () -- C:\Users\Devin\AppData\Local\AtStart.txt
[2009/05/01 17:12:43 | 00,102,992 | ---- | C] () -- C:\Users\Devin\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/01/20 16:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 16:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 05:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 05:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 02:34:27 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 02:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[1997/06/25 15:24:16 | 00,040,448 | ---- | C] () -- C:\Windows\SysWow64\RegObj.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
< %systemroot%\system32\scecli.dll >
[2008/01/20 16:50:28 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
[2006/11/01 23:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >

------------------------------------------

OTL Extras logfile created on: 10/7/2009 9:49:24 PM - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\Devin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.93 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 62.72% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.51 Gb Total Space | 160.45 Gb Free Space | 56.20% Space Free | Partition Type: NTFS
Drive D: | 12.58 Gb Total Space | 1.99 Gb Free Space | 15.80% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 976.13 Mb Total Space | 776.89 Mb Free Space | 79.59% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DEVIN-PC
Current User Name: Devin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* ()
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
() InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" () jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* () jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 () jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* () jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 () piffile [open] -- "%1" %* File not found regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" () regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" () scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l () scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 () txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 () txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" () vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* () vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* () vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 () wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* () wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 () wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* () Directory [cmd] -- cmd.exe /s /k pushd "%V" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive 
[find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. 
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3A959E3B-5207-4B4F-BE1E-12B52CFDB994}" = lport=6881 | protocol=6 | 
dir=in | name=utorrent | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0036BB63-F235-4167-A222-96C4DF734EE1}" = protocol=6 | dir=in | app=c:\windows\system32\lxdxcfg.exe | "{09569911-157F-43A7-A0B1-D36B8C293D12}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{162D1024-333A-4888-BF01-315E6B14F450}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdxpswx.exe | "{18BE2E1F-E022-43B6-90C9-7B8452B528F0}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{1993DD7D-8912-46AD-B0D7-E41F4C116CAF}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxlscn.exe | "{23FD002B-2BF2-483A-BFAE-E76A2AE8019C}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdxcoms.exe | "{28FB58D5-BB38-4B95-B16D-53926F61380A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{2C2019C8-1AC6-4538-A084-656A9A614A1F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{3234670D-0661-4AE4-9716-9413367C83E9}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{330C5932-F2C3-4369-A530-7DE00923CCA7}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | "{399BAD5A-DF9E-4CC9-A41E-F2181754B6DB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3B8A8D53-851D-4B6C-978F-B14B605DC93F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxlscn.exe | "{3CA42766-F94B-4741-B823-219BCA7054B8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{3D3A8387-0BC0-4FFC-8A57-92BFE20910B4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{3E411316-B102-4511-9C27-18A3805D808C}" = 
dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{48095521-2A14-43FE-84C0-8CF98E0EAE22}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe | "{4F0CD115-A33F-4DBD-A25E-B64A3BD6CD3E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdxtime.exe | "{587B513D-03B5-46F4-A9A6-C50D0F88448A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{5B73C43F-5B72-40B2-8E34-8EBB8C15DCA5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{69F494F6-D540-4620-B025-3BB92BE85FED}" = protocol=17 | dir=in | app=c:\windows\system32\lxdxcfg.exe | "{6F3F9243-54E6-47C7-AF5C-ACDC05BA20AE}" = protocol=17 | dir=in | app=c:\windows\system32\lxdxcoms.exe | "{7D5767E9-692A-49A8-9D3C-D83BACF1B4B6}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{83645274-B6B2-496B-81C6-2F59FCD35E9A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{87466DFE-B3C9-47FA-B3C2-72AD6255049A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdxpswx.exe | "{90BDC210-D255-442B-B82D-C68A2572AEA9}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdxcoms.exe | "{96FB22F8-8906-4865-82A0-8CB2007005DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{9FAEB943-AEED-4E60-8DFC-AA1A3D727AE1}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3600-4600 series\lxdxmon.exe | "{AF9112BD-67CF-418F-9CFC-960AB592408B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdxtime.exe | "{B8937FCE-B2C0-45C9-8131-CBA041D2EECF}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | "{C7F27452-5D86-42FF-BE06-4027007113EF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{CD8FDB42-DCEF-4E04-8CD0-E0DB5CBE90C9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{D73809E9-864E-4F36-BEF5-CD3677CAB4D5}" = protocol=6 | dir=in | app=c:\windows\system32\lxdxcoms.exe | "{D97B4816-AD23-4145-80ED-F6E9D273751F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{E0A9913A-72B9-4B10-B573-CEC8DE680054}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{FD83A241-6D30-4784-9054-625543ACC3B6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe | "{FE2B0415-85BB-43AC-A6CC-1D6484FE4C63}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E6C415F-7708-4A8F-9509-11C98988BDCA}" = Apple Mobile Device Support "{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{5AB0C6D3-E546-44C2-8B63-C9044FCC9AC0}" = iTunes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour "{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu "07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "HDMI" = Intel® Graphics Media Accelerator Driver "Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series "Microsoft .NET Framework 3.5 SP1" = 
Microsoft .NET Framework 3.5 SP1 "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64) "{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers "{082FA29F-143B-47ED-B66A-A11F0E6EA4A9}" = DNRGarmin "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1CF65E18-6463-4D28-A476-7DA10FBCE816}" = ArcGIS Desktop Evaluation Edition "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 15 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1 "{36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}" = HP User Guides 0126 "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update "{53C239F5-7E23-493D-8FB6-F8EEEA5C2154}" = Garmin Training Center "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 
8.0.50727.762 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro "{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications ® Core - English "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC016F21-3970-11DE-B878-005056806466}" = Google Earth "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant "{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal "{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}" = Garmin MapSource "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F617649B-2104-41C7-B15A-9F0DE2AF8F4E}" = Minitab 15 English "{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core "Activation Assistant for the 2007 Microsoft Office 
suites" = Activation Assistant for the 2007 Microsoft Office suites "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ArcGIS Desktop Evaluation Edition" = ArcGIS Desktop Evaluation Edition "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "ERUNT_is1" = ERUNT 1.1j "ExpertGPS_is1" = ExpertGPS 3.03 "Fragstats 3.3" = Fragstats 3.3 "Google Updater" = Google Updater "HijackThis" = HijackThis 2.0.2 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14) "NIS" = Norton Internet Security "numpy-py2.5" = Python 2.5 numpy-1.0.3 "Python 2.5 numpy-1.0.3" = Python 2.5 numpy-1.0.3 "Python 2.5.1" = Python 2.5.1 "SlowGold" = SlowGold "Winamp" = Winamp "Xvid_is1" = Xvid 1.2.1 final uninstall ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Move Media Player" = Move Media Player "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 9/29/2009 4:55:42 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 9/29/2009 8:05:37 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 9/30/2009 9:28:34 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/2/2009 12:57:33 AM | 
Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/2/2009 4:47:35 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/3/2009 12:09:35 AM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/3/2009 3:20:14 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/3/2009 6:40:25 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/4/2009 1:26:46 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = Error - 10/5/2009 3:10:00 PM | Computer Name = Devin-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 9/26/2009 8:16:37 PM | Computer Name = Devin-PC | Source = Service Control Manager | ID = 7000 Description = Error - 9/26/2009 8:16:37 PM | Computer Name = Devin-PC | Source = Service Control Manager | ID = 7026 Description = Error - 9/26/2009 9:50:30 PM | Computer Name = Devin-PC | Source = bowser | ID = 8003 Description = Error - 9/27/2009 6:03:22 AM | Computer Name = Devin-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! Error - 9/27/2009 6:03:29 AM | Computer Name = Devin-PC | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 9/27/2009 6:03:31 AM | Computer Name = Devin-PC | Source = volmgr | ID = 262190 Description = Crash dump initialization failed! 
Error - 9/27/2009 6:03:45 AM | Computer Name = Devin-PC | Source = HTTP | ID = 15016 Description = Error - 9/27/2009 6:04:19 AM | Computer Name = Devin-PC | Source = Service Control Manager | ID = 7009 Description = Error - 9/27/2009 6:04:19 AM | Computer Name = Devin-PC | Source = Service Control Manager | ID = 7000 Description = Error - 9/27/2009 6:04:19 AM | Computer Name = Devin-PC | Source = Service Control Manager | ID = 7026 Description = < End of report > |
© Geeks to Go, Inc. | All Rights Reserved