error message proxy.dll [Closed]


  • This topic is locked

#1
chiquis

I keep getting this message: antisvc_jncbfxnk.exe_ unable to locate component. This application has failed to start because proxy.dll was not found. Re-installing the application may fix this problem. I already did the steps of the malware cleaning guide but it did not work, please help.

#2
chiquis

OTL logfile created on: 5/5/2010 2:44:11 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\cami\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 295.00 Mb Available Physical Memory | 29.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 44.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.14 Gb Total Space | 59.81 Gb Free Space | 59.72% Space Free | Partition Type: NTFS
Drive D: | 11.64 Gb Total Space | 1.87 Gb Free Space | 16.06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CAMI-PC
Current User Name: cami
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/05 14:42:53 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\cami\Downloads\OTL.exe
PRC - [2010/04/09 08:26:34 | 000,449,160 | ---- | M] () -- C:\WINDOWS\System32\qvvnxwsh\atisvc_jncbfxnk.exe
PRC - [2010/03/23 16:27:33 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010/03/20 19:24:49 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2010/03/09 07:18:07 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2010/01/26 17:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10e.exe
PRC - [2009/11/06 15:19:58 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SSU.exe
PRC - [2009/09/30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007/11/12 00:18:43 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 16:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/12 05:00:36 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/05/05 14:42:53 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\cami\Downloads\OTL.exe
MOD - [2010/04/09 08:26:34 | 000,214,007 | ---- | M] () -- C:\WINDOWS\System32\qvvnxwsh\ATIDLL_febuxlor.dll
MOD - [2006/11/02 02:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
MOD - [2006/11/02 02:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/09 08:26:34 | 000,449,160 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\qvvnxwsh\atisvc_jncbfxnk.exe -- (atisvc_jncbfxnk)
SRV - [2010/03/20 19:24:49 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2007/11/12 00:18:43 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/08/31 12:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [On_Demand | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/03/05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2008/01/08 19:58:46 | 000,165,424 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/10/11 04:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/08/20 05:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/08/20 05:25:56 | 001,790,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/07/10 07:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 04:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 04:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 16:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/23 14:51:08 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/11/02 00:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...o&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...o&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010/03/20 19:36:03 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img4.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img4.jpg
O30 - LSA: Authentication Packages - (ft Co) - File not found
O30 - LSA: Security Packages - (X2一㱷뵕 獭ㅶた搮汬) - File not found
O30 - LSA: Security Packages - (>뻯㱷뵕㱷뵕&) - File not found
O30 - LSA: Security Packages - (牲) - File not found
O30 - LSA: Security Packages - () - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/12 01:25:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias [2006/11/02 04:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/05/04 22:06:45 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Malwarebytes
[2010/05/04 22:06:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/05/04 22:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/04 22:06:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/05/04 22:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/04 22:04:57 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/04 22:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/04 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Uniblue
[2010/04/27 19:56:40 | 000,040,960 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd2.dll
[2010/04/27 19:56:39 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd2.dll
[2010/04/27 19:56:37 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd2.dll
[2010/04/27 19:56:36 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\dsnpstd2.ax
[2010/04/27 19:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\snpstd2
[2010/04/26 18:48:49 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\Adobe
[2010/04/19 19:18:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/09 08:26:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\qvvnxwsh
[2010/04/05 18:24:47 | 000,000,000 | ---D | C] -- C:\Users\cami\Documents\My Received Files
[2010/04/01 15:01:12 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/03/27 15:52:17 | 000,000,000 | ---D | C] -- C:\Users\cami\Documents\OneNote Notebooks
[2010/03/23 17:07:59 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Adobe
[2010/03/23 17:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/03/20 19:56:13 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\MSNInstaller
[2010/03/20 18:35:19 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\QuickPlay
[2010/03/20 18:35:07 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Symantec
[2010/03/20 18:34:27 | 000,000,000 | R--D | C] -- C:\Users\cami\Searches
[2010/03/20 18:34:17 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Identities
[2010/03/20 18:34:14 | 000,000,000 | R--D | C] -- C:\Users\cami\Contacts
[2010/03/20 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Macromedia
[2010/03/20 18:27:39 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\VirtualStore
[2010/03/20 18:24:51 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Hewlett-Packard
[2010/03/20 18:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/03/20 18:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/03/20 18:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/03/20 18:21:58 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\Downloaded Installations
[2010/03/20 18:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\AppData\Local\Temporary Internet Files
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Templates
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Start Menu
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\SendTo
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Recent
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\PrintHood
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\NetHood
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Documents\My Videos
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Documents\My Pictures
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Documents\My Music
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\My Documents
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Local Settings
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\AppData\Local\History
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Cookies
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\Application Data
[2010/03/20 18:14:38 | 000,000,000 | -HSD | C] -- C:\Users\cami\AppData\Local\Application Data
[2010/03/20 18:14:36 | 000,000,000 | --SD | C] -- C:\Users\cami\AppData\Roaming\Microsoft
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Videos
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Saved Games
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Pictures
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Music
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Links
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Favorites
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Downloads
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Documents
[2010/03/20 18:14:36 | 000,000,000 | R--D | C] -- C:\Users\cami\Desktop
[2010/03/20 18:14:36 | 000,000,000 | -H-D | C] -- C:\Users\cami\AppData
[2010/03/20 18:14:36 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\Temp
[2010/03/20 18:14:36 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\Microsoft
[2010/03/20 18:14:36 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Media Center Programs
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010/03/20 18:05:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2010/03/20 17:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2010/03/20 17:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2010/03/20 17:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2010/03/20 16:54:42 | 001,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2010/03/20 16:54:41 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Webroot
[2010/03/20 16:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
[2010/03/20 16:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2010/03/20 16:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/03/20 16:34:21 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Roaming\Yahoo!
[2010/03/20 16:18:08 | 000,000,000 | ---D | C] -- C:\Users\cami\Tracing
[2010/03/20 16:17:12 | 000,000,000 | ---D | C] -- C:\Users\cami\AppData\Local\Hewlett-Packard
[2010/03/20 16:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/03/20 16:04:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/20 16:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/20 16:01:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/03/20 16:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/03/20 16:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/20 15:55:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/05/05 14:49:29 | 001,310,720 | -HS- | M] () -- C:\Users\cami\NTUSER.DAT
[2010/05/05 14:34:19 | 000,000,164 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/05/05 14:32:28 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/05 14:32:28 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/05 14:32:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/05 14:32:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/05 14:32:15 | 1063,272,448 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/05 07:35:38 | 001,913,883 | -H-- | M] () -- C:\Users\cami\AppData\Local\IconCache.db
[2010/05/04 22:06:37 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/04 22:03:20 | 000,000,913 | ---- | M] () -- C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/05/04 22:03:08 | 000,000,733 | ---- | M] () -- C:\Users\cami\Desktop\NTREGOPT.lnk
[2010/05/04 22:03:08 | 000,000,714 | ---- | M] () -- C:\Users\cami\Desktop\ERUNT.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/12 13:19:15 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/12 13:19:15 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/12 13:19:15 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/09 08:26:33 | 002,152,608 | ---- | M] () -- C:\1324791.dll
[2010/03/27 15:52:15 | 000,001,111 | ---- | M] () -- C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/03/23 17:03:39 | 000,077,136 | ---- | M] () -- C:\Users\cami\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/23 16:58:57 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010/03/23 16:55:58 | 000,312,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/03/23 16:43:50 | 001,654,487 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010/03/20 19:55:51 | 000,001,997 | ---- | M] () -- C:\Users\Public\Desktop\MSN Installer.lnk
[2010/03/20 19:36:03 | 000,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2010/03/20 19:24:46 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Webroot AntiVirus.lnk
[2010/03/20 19:23:20 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat
[2010/03/20 19:03:51 | 000,001,656 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L8BEE779BB245456F9ECC6F9EDA2F035D.job
[2010/03/20 19:03:50 | 000,001,642 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L7DC1C0608F9945C29C52CA4154830F25.job
[2010/03/20 18:45:48 | 031,522,816 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/03/20 18:45:48 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/03/20 18:45:48 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/03/20 18:34:07 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG
[2010/03/20 18:34:06 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2010/03/20 18:24:36 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk
[2010/03/20 18:15:06 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario C700 Notebook PC_Y5335KV_0U_QCND80433V3_E460271-001_4A_I30D9_SHP_V83.1F_F.23_T080103_WV3-0_L409_M1014_J120_7Intel_86FD_91.60_#071112_N10EC8139;168C001C_(KC590UA#ABA)_XMOBILE_CN10_Z_2F.23.MRK
[2010/03/20 18:14:38 | 000,000,020 | -HS- | M] () -- C:\Users\cami\ntuser.ini
[2010/03/20 15:51:21 | 000,000,943 | ---- | M] () -- C:\Users\cami\Desktop\Launch Internet Explorer Browser.lnk
[2010/03/20 15:41:54 | 000,524,288 | -HS- | M] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/03/20 15:41:54 | 000,524,288 | -HS- | M] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/03/20 15:41:54 | 000,065,536 | -HS- | M] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

========== Files Created - No Company Name ==========

[2010/05/04 22:06:37 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/04 22:03:20 | 000,000,913 | ---- | C] () -- C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/05/04 22:03:08 | 000,000,733 | ---- | C] () -- C:\Users\cami\Desktop\NTREGOPT.lnk
[2010/05/04 22:03:08 | 000,000,714 | ---- | C] () -- C:\Users\cami\Desktop\ERUNT.lnk
[2010/04/27 19:57:03 | 000,040,960 | ---- | C] () -- C:\Windows\vsnpstd2.exe
[2010/04/27 19:56:58 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd2.ini
[2010/04/27 19:56:58 | 000,013,023 | ---- | C] () -- C:\Windows\snpstd2.src
[2010/04/27 19:56:57 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dsnpstd2.dll
[2010/04/27 19:56:45 | 000,302,720 | ---- | C] () -- C:\Windows\System32\drivers\snpstd2.sys
[2010/04/27 19:56:31 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd2.exe
[2010/03/27 15:52:15 | 000,001,111 | ---- | C] () -- C:\Users\cami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/03/23 16:43:50 | 001,654,487 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/03/22 10:30:18 | 002,152,608 | ---- | C] () -- C:\1324791.dll
[2010/03/22 10:23:49 | 000,000,402 | R--- | C] () -- C:\Windows\System32\msxml4.inf
[2010/03/20 19:55:51 | 000,001,997 | ---- | C] () -- C:\Users\Public\Desktop\MSN Installer.lnk
[2010/03/20 19:24:46 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Webroot AntiVirus.lnk
[2010/03/20 18:41:32 | 031,522,816 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/03/20 18:41:32 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/03/20 18:41:32 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/03/20 18:35:14 | 000,000,000 | ---- | C] () -- C:\Users\cami\AppData\Local\QSwitch.txt
[2010/03/20 18:35:14 | 000,000,000 | ---- | C] () -- C:\Users\cami\AppData\Local\DSwitch.txt
[2010/03/20 18:35:14 | 000,000,000 | ---- | C] () -- C:\Users\cami\AppData\Local\AtStart.txt
[2010/03/20 18:34:07 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG
[2010/03/20 18:34:06 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2010/03/20 18:24:39 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk
[2010/03/20 18:24:39 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2010/03/20 18:24:36 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk
[2010/03/20 18:15:06 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Presario C700 Notebook PC_Y5335KV_0U_QCND80433V3_E460271-001_4A_I30D9_SHP_V83.1F_F.23_T080103_WV3-0_L409_M1014_J120_7Intel_86FD_91.60_#071112_N10EC8139;168C001C_(KC590UA#ABA)_XMOBILE_CN10_Z_2F.23.MRK
[2010/03/20 18:14:38 | 000,524,288 | -HS- | C] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/03/20 18:14:38 | 000,524,288 | -HS- | C] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/03/20 18:14:38 | 000,065,536 | -HS- | C] () -- C:\Users\cami\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/03/20 18:14:38 | 000,000,020 | -HS- | C] () -- C:\Users\cami\ntuser.ini
[2010/03/20 18:14:37 | 000,262,144 | -H-- | C] () -- C:\Users\cami\ntuser.dat.LOG1
[2010/03/20 18:14:37 | 000,000,000 | -H-- | C] () -- C:\Users\cami\ntuser.dat.LOG2
[2010/03/20 18:14:36 | 001,310,720 | -HS- | C] () -- C:\Users\cami\NTUSER.DAT
[2010/03/20 18:03:08 | 000,001,656 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L8BEE779BB245456F9ECC6F9EDA2F035D.job
[2010/03/20 18:02:58 | 000,001,642 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L7DC1C0608F9945C29C52CA4154830F25.job
[2010/03/20 16:51:01 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2010/03/20 16:02:52 | 1063,272,448 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/20 15:51:21 | 000,000,943 | ---- | C] () -- C:\Users\cami\Desktop\Launch Internet Explorer Browser.lnk
[2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/01/25 06:05:11 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2007/08/20 05:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 05:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/20 05:10:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/03/20 19:56:15 | 000,000,000 | ---D | M] -- C:\Users\cami\AppData\Roaming\MSNInstaller
[2010/05/04 20:19:03 | 000,000,000 | ---D | M] -- C:\Users\cami\AppData\Roaming\Uniblue
[2010/05/05 07:36:07 | 000,024,882 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/03/20 19:03:50 | 000,001,642 | ---- | M] () -- C:\WINDOWS\Tasks\wrSpySweeper_L7DC1C0608F9945C29C52CA4154830F25.job
[2010/03/20 19:03:51 | 000,001,656 | ---- | M] () -- C:\WINDOWS\Tasks\wrSpySweeper_L8BEE779BB245456F9ECC6F9EDA2F035D.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/04/09 08:26:33 | 002,152,608 | ---- | M] () -- C:\1324791.dll
[2007/11/12 01:25:18 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 02:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/05 14:32:15 | 1063,272,448 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/12 01:01:32 | 000,000,371 | -H-- | M] () -- C:\IPH.PH
[2010/05/05 14:32:13 | 1377,198,080 | -HS- | M] () -- C:\pagefile.sys
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{02379B89-CCA6-424B-AAC7-553F42EC24B9}.dll
[2009/08/25 15:30:29 | 000,077,824 | ---- | M] () -- C:\{06792611-F3E6-4B53-B577-71E15998738D}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{13F1D69E-E27D-4B43-8D1C-4C85E4E48A1A}.dll
[2009/08/25 15:30:39 | 000,192,512 | ---- | M] () -- C:\{3D0CA2BA-C55E-41D9-A054-933ED4066011}.dll
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{5E027D7F-4174-4B4E-8CBC-94AD92935FEC}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{8A0723F0-54AA-4743-8C2F-12207EE45E7D}.dll
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{9F2AA053-55F6-4620-B799-27617F6D792F}.dll
[2009/08/25 15:30:35 | 000,118,784 | ---- | M] () -- C:\{A024FAFE-2980-469A-B7F9-9DE9ED7BBCD5}.dll
[2009/07/26 00:38:57 | 000,561,152 | ---- | M] () -- C:\{A42D5CBC-DE22-4581-80AE-BA8DE0E8C756}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{AA1EDF20-1E87-4684-8103-4E3B21A8023D}.dll
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{AF176021-0D36-4056-B0AB-F1ABCAA53E76}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{B7A40752-F826-4E36-B916-522B5745C317}.dll
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{B9562DA3-93DB-485F-AE97-0D63260BBF78}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{C0B9F0CE-E8D9-41B6-BFF5-45B8645A7352}.dll
[2009/09/01 13:46:12 | 000,196,608 | ---- | M] () -- C:\{CCEEBE81-9F03-4768-AA6F-D627C8BC1A92}.dll
[2009/09/01 13:48:18 | 000,118,784 | ---- | M] () -- C:\{CED32574-295A-453C-BB4E-6602EB69BFD8}.dll
[2009/07/26 00:47:23 | 001,433,600 | ---- | M] () -- C:\{D4DA7247-F810-4136-99B4-61B0DABEAB1B}.dll
[2009/09/01 13:46:36 | 000,077,824 | ---- | M] () -- C:\{DB495FA3-CD09-4D9E-B4D0-9732FD1C3BC0}.dll
[2009/08/25 15:30:55 | 000,196,608 | ---- | M] () -- C:\{EBE098B6-0BA8-49BF-944B-AB0ED336F75E}.dll
[2009/08/25 15:30:31 | 000,086,016 | ---- | M] () -- C:\{F2B353A6-0A6C-49B8-B8EB-AAC62C93158B}.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/09 09:49:34 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2010/03/09 09:49:34 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2006/11/02 02:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2007/11/12 00:26:47 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll
[2009/11/06 12:00:28 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\System32\wrLZMA.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010/03/23 16:44:48 | 000,258,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\acpi.sys
[2010/03/23 16:28:02 | 000,021,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atapi.sys
[2010/03/23 16:28:02 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ataport.sys
[2010/03/23 16:44:48 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010/03/23 16:44:48 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CmBatt.sys
[2010/03/23 16:44:49 | 000,020,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\compbatt.sys
[2010/03/20 18:26:38 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys
[2010/03/23 16:22:57 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\i8042prt.sys
[2010/03/23 16:28:02 | 000,017,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\intelide.sys
[2010/03/23 16:22:57 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2010/03/23 16:22:57 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2010/03/23 16:42:41 | 000,408,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ksecdd.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/23 16:38:30 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\monitor.sys
[2010/03/23 16:22:57 | 000,034,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouclass.sys
[2010/03/23 16:44:16 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxdav.sys
[2010/02/23 06:14:41 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2010/02/23 06:14:51 | 000,211,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb10.sys
[2010/02/23 06:14:42 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mrxsmb20.sys
[2010/03/20 18:54:35 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\netio.sys
[2010/03/23 16:38:30 | 001,060,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ntfs.sys
[2010/03/23 16:28:02 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwifi.sys
[2010/03/23 16:28:02 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2010/03/23 16:03:12 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2010/03/23 16:22:57 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sermouse.sys
[2010/03/23 16:46:41 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv.sys
[2010/03/20 18:25:30 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srv2.sys
[2010/03/23 16:46:41 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\srvnet.sys
[2010/02/18 05:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip.sys
[2010/02/18 05:04:30 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\TUNMP.SYS
[2010/02/18 05:04:38 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tunnel.sys
[2010/03/23 16:28:02 | 000,211,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\volsnap.sys
[2010/03/23 16:22:58 | 000,495,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\Wdf01000.sys
[2010/03/23 16:22:58 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WdfLdr.sys
[2010/03/23 16:44:49 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmiacpi.sys

< >

< >

#3
chiquis

    New Member

  • Topic Starter
  • Member
  • 3 posts
OTL Extras logfile created on: 5/5/2010 2:44:11 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\cami\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 295.00 Mb Available Physical Memory | 29.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 44.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.14 Gb Total Space | 59.81 Gb Free Space | 59.72% Space Free | Partition Type: NTFS
Drive D: | 11.64 Gb Total Space | 1.87 Gb Free Space | 16.06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CAMI-PC
Current User Name: cami
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"" =

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"" =
"C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{56FB246A-D9E0-4462-B172-AFBFD29E3BCE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D30072F7-F612-44A7-99B1-B02449A17F3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1D153740-F5F1-4477-A780-2F27D643099B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{455A6F8E-9B2B-4357-9D9B-6469ABF27DD5}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{4582A34F-3EE5-4643-9B3F-1C87C653B55C}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{50789C6E-2968-4795-B1A5-CB0903F58867}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{5F3258DF-E58A-4022-AE80-193775E56132}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7FCFED6C-0C4E-4096-A4DB-CBD2EAAC799E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8B760CE0-56AA-4C08-8AE3-077596718A18}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{947F097D-8B49-4ACA-80B6-1AA2B404327A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{95E2F717-F762-45CD-97AD-77C9E5591DF6}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{96BA7409-4F24-4808-AE89-500A8910A762}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{CFC3E763-6F9C-4A1F-AB3A-C289D4FA0A98}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DC734CC8-0ED3-4AA3-AE07-A3C0B117BC54}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{DDB741A2-817C-420D-9440-C0194567D49A}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E3CD7F8B-13AD-46BA-A142-7CC4C51F1166}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FF474905-9776-4B53-B8A4-052E3CC84284}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"TCP Query User{FE96CA9A-D6AF-47F3-B749-9F27A3E7BD2C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0BC560C2-C664-4804-B5CF-860E3F259DE4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E2
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{865DB1C9-D5E4-408B-B37D-9927E605BD2D}" = ESU for Microsoft Vista
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D7358B07-4F10-4014-9869-7999578BE8ED}" = HP User Guides 0093
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}" = USB PC Camera (SN9C103)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_6" = AIM 6
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"ERUNT_is1" = ERUNT 1.1j
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4
"TVWiz" = Intel® TV Wizard
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/4/2010 6:33:41 PM | Computer Name = cami-PC | Source = WerSvc | ID = 5007
Description =

Error - 5/4/2010 8:56:21 PM | Computer Name = cami-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000096, fault offset 0x00210ff1, process id 0x48cc, application start time
0x01caebddc3868f40.

Error - 5/4/2010 9:58:00 PM | Computer Name = cami-PC | Source = EventSystem | ID = 4621
Description =

Error - 5/4/2010 10:43:11 PM | Computer Name = cami-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000005, fault offset 0x0003b15f, process id 0xed4, application
start time 0x01caebf7ab370d6d.

Error - 5/5/2010 12:07:52 AM | Computer Name = cami-PC | Source = WerSvc | ID = 5007
Description =

Error - 5/5/2010 1:06:28 AM | Computer Name = cami-PC | Source = WerSvc | ID = 5007
Description =

Error - 5/5/2010 1:17:08 AM | Computer Name = cami-PC | Source = EventSystem | ID = 4621
Description =

Error - 5/5/2010 1:25:11 AM | Computer Name = cami-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6000.16771 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1d8 Start Time: 01caec1275b1de0e Termination Time: 0

Error - 5/5/2010 1:44:59 AM | Computer Name = cami-PC | Source = Application Hang | ID = 1002
Description = The program HPAdvisor.exe version 1.4.19.2433 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 8d8 Start Time: 01caec159c769d48 Termination Time: 134

Error - 5/5/2010 10:35:53 AM | Computer Name = cami-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 4/28/2010 11:34:15 PM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/1/2010 1:24:19 AM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/4/2010 8:56:57 PM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/4/2010 9:50:37 PM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/4/2010 9:57:58 PM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/4/2010 10:57:15 PM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/5/2010 12:51:13 AM | Computer Name = cami-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 5/5/2010 1:17:12 AM | Computer Name = cami-PC | Source = DCOM | ID = 10010
Description =

Error - 5/5/2010 1:41:12 AM | Computer Name = cami-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:26:31 PM on 5/4/2010 was unexpected.

Error - 5/5/2010 9:53:49 AM | Computer Name = cami-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:31:55 PM on 5/4/2010 was unexpected.


< End of report >
  • 0

#4
CatByte

CatByte

    GeekU Teacher

  • GeekU Moderator
  • 2,705 posts
  • MVP
Hi,

Please do the following:

Download GMER Rootkit Scanner from here or here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

  • 0

#5
CatByte

CatByte

    GeekU Teacher

  • GeekU Moderator
  • 2,705 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0