Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

VERY slow internet...

Started by GarbageBug , Jun 21 2010 10:26 PM

  • Please log in to reply

#1
GarbageBug
Posted 21 June 2010 - 10:26 PM

GarbageBug

    New Member

  • Member
  • Pip
  • 1 posts
Not a hardware or driver issue; aircard works with other computer, other aircards have same problems on subject computer, no device conflicts. Not a issue with services or background programs; systematically went through all with MSCONFIG. I am hoping it is virus/malware and can be solved before having to do clean install. One problem I am having is not being able to get updates or download programs directly to the computer; having to ferry things with thumb drives...
So I have run Mbam, gmer, avast, and otl...have logs for all but mbam, avast, and gmer gave no indication of hits so I am including only the OTL log (as it wont let me put them all here) Thank You in Advance...



OTL logfile created on: 6/21/2010 3:52:29 PM - Run 3
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Bill\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 294.33 Gb Total Space | 216.09 Gb Free Space | 73.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298.02 Gb Total Space | 263.25 Gb Free Space | 88.33% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: BILL-PC
Current User Name: Bill
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/21 09:09:04 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
PRC - [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2009/12/02 12:21:50 | 000,316,736 | ---- | M] (C-motech Co.,Ltd) -- C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe
PRC - [2009/11/24 18:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/11 04:32:26 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/11/06 17:58:02 | 004,793,088 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boincmgr.exe
PRC - [2009/11/06 17:58:02 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe
PRC - [2009/11/06 17:58:00 | 000,783,104 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinc.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/07/31 15:00:10 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/04 12:15:26 | 000,279,960 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKDiscovery.exe
PRC - [2009/04/17 12:08:26 | 000,032,768 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\KodakSvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe
PRC - [2008/05/02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 02:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/01/20 21:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/12 15:08:46 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe
PRC - [2007/11/07 18:26:44 | 001,945,688 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
PRC - [2007/11/07 18:18:28 | 000,148,760 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007/11/07 18:18:22 | 000,406,808 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/11/07 18:14:04 | 001,165,120 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
PRC - [2007/10/15 09:15:08 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/10/15 09:14:48 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010/06/21 09:09:04 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
MOD - [2009/04/11 01:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2009/04/11 01:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2009/03/29 23:42:16 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe
4\msvcr80.dll
MOD - [2008/05/02 02:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/20 21:24:15 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2006/11/02 04:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006/11/02 04:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2010/03/16 19:05:26 | 000,704,432 | ---- | M] () [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2009/12/02 12:21:50 | 000,120,128 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc)
SRV - [2009/12/02 12:19:28 | 000,124,224 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe -- (CASprint)
SRV - [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/11 04:32:26 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/09/28 10:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/04 12:15:26 | 000,279,960 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKDiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2009/04/26 15:29:24 | 000,090,352 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/04/17 12:08:26 | 000,032,768 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\center\KodakSvc.exe -- (KodakSvc)
SRV - [2009/03/12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe -- (STacSV)
SRV - [2008/05/02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/12 15:08:46 | 000,155,648 | ---- | M] (Sprint Spectrum, L.L.C) [Auto | Running] -- C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe -- (OSCM Utility Service)
SRV - [2007/11/07 18:18:22 | 000,406,808 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)


========== Driver Services (SafeList) ==========

DRV - [2010/01/12 16:24:00 | 000,030,880 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iqvw32.sys -- (NAL)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/12/02 13:12:46 | 000,028,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2009/12/02 12:12:46 | 000,171,400 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2009/12/02 12:12:46 | 000,142,848 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (swmx00) Sierra Wireless USB MUX Driver (#00)
DRV - [2009/12/02 12:12:36 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/12/02 12:12:34 | 000,038,680 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctnullport.sys -- (Nmea)
DRV - [2009/12/02 12:10:58 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2009/11/24 18:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 18:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 18:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/24 18:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/09/08 10:40:14 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk)
DRV - [2009/08/28 15:16:18 | 000,218,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2009/03/12 12:53:46 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/02/26 12:39:50 | 004,569,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/10/15 12:58:26 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/10/15 12:58:26 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser2.sys -- (NWUSBPort2)
DRV - [2008/10/15 12:58:26 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2008/10/15 12:58:26 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2008/10/15 12:58:26 | 000,020,480 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NwUsbCdFil.sys -- (NWUSBCDFIL)
DRV - [2008/06/14 19:54:10 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2008/05/18 13:00:30 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/05/08 14:35:28 | 000,400,864 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/05/08 14:35:28 | 000,040,064 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/05/08 14:35:27 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/02/29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 17:04:40 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2007/05/11 21:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/03/12 09:59:00 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WMP54GSx86.sys -- (BCM43XX)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/07/24 18:51:34 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Running] -- C:\Windows\System32\drivers\filedisk.sys -- (FileDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/default.aspx?mypg=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D B1 9E 00 B5 52 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.53.0
FF - prefs.js..extensions.enabledItems: [email protected]:6.9.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...?FORM=IEFM1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/14 16:03:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/14 16:03:29 | 000,000,000 | ---D | M]

[2009/05/19 17:29:11 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Mozilla\Extensions
[2010/06/18 19:01:08 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\cgxsb565.default\extensions
[2010/06/18 18:19:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\cgxsb565.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/18 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\cgxsb565.default\extensions\[email protected]
[2009/10/23 14:46:13 | 000,002,171 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\cgxsb565.default\searchplugins\bing.xml
[2010/06/18 19:01:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/06/23 00:35:04 | 000,001,619 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\FFToolbar.xml

O1 HOSTS File: ([2008/05/15 11:18:28 | 000,239,248 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 8369 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [DhtTrayApp] C:\Program Files\Dolby\Dolby Home Theater\DHTTray.exe ()
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [iolo Startup] C:\Program Files\iolo\Common\Lib\ioloLManager.exe (iolo technologies, LLC)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [RDVCHG] C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe (C-motech Co.,Ltd)
O4 - HKLM..\Run: [Sprint SmartView] C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe (Sprint)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/...UI.cab55579.cab (StagingUI Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/...erInstaller.CAB (Reg Error: Key error.)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/...dy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....NPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/...at.cab55579.cab (ZonePAChat Object)
O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} http://zone.msn.com/...t/atomaders.cab (AtlAtomadersCtlAttrib Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...er_4.0.17.0.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab75406.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/...xy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Bill\Pictures\Grand Canyon\Clouds, Canyons, Rivers, Et.Al\GC 2-05\DSCN0415.JPG
O24 - Desktop BackupWallPaper: C:\Users\Bill\Pictures\Grand Canyon\Clouds, Canyons, Rivers, Et.Al\GC 2-05\DSCN0415.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007/11/26 21:39:06 | 000,000,000 | ---D | M] - H:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/20 21:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/06/21 15:47:06 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2010/06/21 10:18:07 | 000,000,000 | ---D | C] -- C:\Users\Bill\Desktop\malware remover
[2010/06/18 18:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/06/18 18:47:38 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Sprint
[2010/06/18 18:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra Wireless
[2010/06/18 18:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PctelEapPeer Authentication
[2010/06/18 18:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sprint
[2010/06/17 15:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra Wireless(65)
[2010/06/17 15:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PctelEapPeer Authentication(17)
[2010/06/17 13:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sprint(423)
[2010/06/04 03:00:28 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/05/14 16:03:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/05/14 16:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/05/14 16:02:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Apple
[2010/05/14 16:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/05/09 11:17:56 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Bill\Desktop\TFC.exe
[2010/04/16 16:07:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/04/16 16:07:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\temp
[2010/04/16 15:55:16 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/04/16 14:12:27 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Local\Threat Expert
[2010/04/16 12:07:12 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/04/16 12:07:12 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/04/16 12:07:12 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/04/16 11:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/04/16 11:23:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/04/14 16:19:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/14 14:40:11 | 000,093,056 | ---- | C] (GMER) -- C:\kxldqpod.sys
[2010/04/14 14:38:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/04/09 15:03:10 | 000,000,000 | ---D | C] -- C:\Program Files\jk
[2010/04/06 21:13:00 | 000,000,000 | ---D | C] -- C:\Users\Bill\2008-06-05
[2010/04/06 19:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/04/05 18:10:08 | 010,936,414 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010/04/05 18:10:08 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010/04/05 18:08:40 | 000,404,992 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2010/04/05 18:08:40 | 000,398,336 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010/04/05 18:08:39 | 000,432,128 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010/04/05 18:08:39 | 000,171,520 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st322000.dll
[2010/04/05 18:08:00 | 000,000,000 | ---D | C] -- C:\Program Files\AUD_allOS_D20001.0x_PV_IDTGUI_v105
[2010/04/05 17:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/04/05 17:27:28 | 000,000,000 | ---D | C] -- C:\Users\Bill\AppData\Roaming\SystemRequirementsLab
[2010/03/29 16:19:45 | 000,000,000 | ---D | C] -- C:\Users\Bill\Documents\03-29-2010
[2010/03/28 10:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 09:33:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\IOSUBSYS
[2010/03/26 09:29:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads

========== Files - Modified Within 90 Days ==========

[2010/06/21 15:53:25 | 004,718,592 | ---- | M] () -- C:\Users\Bill\ntuser.dat
[2010/06/21 15:44:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/21 15:24:58 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{50C24095-7417-40BF-A356-78B4F9776159}.job
[2010/06/21 14:44:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/21 14:43:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Kodak AiO Scheduled Maintenance.job
[2010/06/21 14:22:46 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/21 14:22:45 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/21 10:30:11 | 000,004,966 | ---- | M] () -- C:\Users\Bill\Documents\cc_20100621_102946.reg
[2010/06/21 10:28:05 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/21 10:28:05 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/21 10:28:05 | 000,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/21 10:22:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/21 10:22:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/21 10:19:58 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/06/21 10:19:58 | 000,065,536 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TM.blf
[2010/06/21 09:09:04 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\OTL.exe
[2010/06/18 19:08:07 | 003,828,568 | -H-- | M] () -- C:\Users\Bill\AppData\Local\IconCache.db
[2010/06/18 18:40:08 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Sprint SmartView.lnk
[2010/06/18 18:22:37 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2010/06/18 18:08:33 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/06/18 18:08:33 | 000,065,536 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TM.blf
[2010/06/16 17:03:46 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/06/05 18:00:00 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010/06/04 02:35:01 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2010/05/24 15:27:20 | 000,022,016 | ---- | M] () -- C:\Users\Bill\Documents\Meds.doc
[2010/05/14 16:03:24 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/05/09 11:53:38 | 000,008,940 | ---- | M] () -- C:\Users\Bill\Documents\may2010ccleaner.reg
[2010/05/09 11:17:58 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Bill\Desktop\TFC.exe
[2010/05/07 11:51:03 | 000,031,100 | R--- | M] () -- C:\Users\Bill\Desktop\Calvin.jpg
[2010/05/01 11:19:00 | 000,327,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/30 14:43:28 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/18 17:47:08 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/04/16 18:53:40 | 000,138,056 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/16 18:53:40 | 000,138,056 | ---- | M] () -- C:\Users\Bill\AppData\Roaming\PnkBstrK.sys
[2010/04/16 18:53:21 | 002,407,792 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/04/16 16:05:05 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/04/16 15:56:13 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 15:48:25 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 15:48:25 | 000,065,536 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TM.blf
[2010/04/14 15:18:33 | 000,083,160 | ---- | M] () -- C:\Users\Bill\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/14 14:40:11 | 000,093,056 | ---- | M] (GMER) -- C:\kxldqpod.sys
[2010/04/14 14:28:17 | 000,000,082 | ---- | M] () -- C:\Users\Bill\Documents\march142010.reg
[2010/04/13 15:47:10 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/04/13 15:47:09 | 000,161,280 | ---- | M] () -- C:\Users\Bill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/09 16:48:47 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/04/09 15:26:03 | 000,001,923 | ---- | M] () -- C:\Users\Bill\Desktop\System Mechanic Professional.lnk
[2010/04/09 14:44:52 | 000,524,288 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{a49ab418-3554-11df-8874-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/04/09 14:44:52 | 000,065,536 | -HS- | M] () -- C:\Users\Bill\NTUSER.DAT{a49ab418-3554-11df-8874-806e6f6e6963}.TM.blf
[2010/04/07 16:51:36 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/04/06 21:09:28 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/04/03 19:39:45 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/04/03 15:30:22 | 000,001,630 | ---- | M] () -- C:\Users\Bill\Desktop\CCleaner.lnk
[2010/04/03 15:07:30 | 000,000,680 | ---- | M] () -- C:\Users\Bill\AppData\Local\d3d9caps.dat
[2010/03/29 13:44:59 | 000,024,576 | ---- | M] () -- C:\Users\Bill\Documents\BILL.doc
[2010/03/28 09:52:34 | 000,016,056 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/03/26 09:32:59 | 000,000,772 | ---- | M] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk

========== Files Created - No Company Name ==========

[2010/06/21 10:30:08 | 000,004,966 | ---- | C] () -- C:\Users\Bill\Documents\cc_20100621_102946.reg
[2010/06/18 18:40:08 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Sprint SmartView.lnk
[2010/06/16 10:03:57 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/06/16 10:03:57 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/06/16 10:03:57 | 000,065,536 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{e6710975-7957-11df-9a54-806e6f6e6963}.TM.blf
[2010/05/14 16:03:24 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/05/09 11:53:36 | 000,008,940 | ---- | C] () -- C:\Users\Bill\Documents\may2010ccleaner.reg
[2010/05/07 11:51:05 | 000,031,100 | R--- | C] () -- C:\Users\Bill\Desktop\Calvin.jpg
[2010/04/16 18:53:40 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/16 18:53:40 | 000,138,056 | ---- | C] () -- C:\Users\Bill\AppData\Roaming\PnkBstrK.sys
[2010/04/16 18:53:24 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/04/16 18:53:21 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/04/16 18:53:20 | 002,407,792 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/04/16 15:49:43 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 15:49:43 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 15:49:43 | 000,065,536 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{efb219f5-4998-11df-afa3-806e6f6e6963}.TM.blf
[2010/04/16 12:07:12 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/04/16 12:07:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/04/16 12:07:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/04/16 12:07:12 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/04/16 12:07:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/04/14 14:28:17 | 000,000,082 | ---- | C] () -- C:\Users\Bill\Documents\march142010.reg
[2010/04/09 14:46:13 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/04/09 14:46:13 | 000,524,288 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/04/09 14:46:13 | 000,065,536 | -HS- | C] () -- C:\Users\Bill\NTUSER.DAT{178aa29b-4410-11df-8a3d-806e6f6e6963}.TM.blf
[2010/04/05 18:05:40 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/04/05 18:05:40 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp
[2010/04/03 15:07:30 | 000,000,680 | ---- | C] () -- C:\Users\Bill\AppData\Local\d3d9caps.dat
[2010/03/28 09:59:53 | 000,001,904 | ---- | C] () -- C:\Windows\System32\SetupBD.din
[2010/03/28 09:52:34 | 000,016,056 | ---- | C] () -- C:\Windows\System32\results.xml
[2010/03/26 09:32:59 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2010/03/26 09:32:59 | 000,000,772 | ---- | C] () -- C:\Users\Bill\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2010/03/17 22:47:46 | 000,073,216 | RHS- | C] () -- C:\Windows\System32\PCTINDIS5N.dll
[2009/12/02 13:12:46 | 000,028,288 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2009/10/23 13:40:01 | 000,012,800 | ---- | C] () -- C:\Windows\System32\EKDeviceServices.dll
[2009/09/17 18:43:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/09/15 12:35:57 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/09/10 15:40:49 | 000,000,137 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/05/20 14:32:41 | 002,315,688 | ---- | C] () -- C:\Windows\System32\Incinerator.dll
[2008/05/20 14:29:16 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2008/05/18 13:00:30 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/05/13 15:58:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/04/18 18:28:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1472.dll
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/01/02 10:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 10:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 10:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 10:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2008/10/28 11:54:48 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\App Launcher Gadget
[2009/05/15 23:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Bytemobile
[2010/06/18 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DAEMON Tools
[2010/06/18 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DAEMON Tools Pro
[2010/03/21 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DMCache
[2010/03/20 20:00:43 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\DriverCure
[2010/06/18 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\IDM
[2010/06/18 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\iolo
[2010/03/21 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\LimeWire
[2008/07/25 17:41:33 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Nikon
[2008/06/14 18:29:04 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Printer Info Cache
[2008/11/10 16:17:35 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Sierra Wireless
[2008/09/17 09:38:40 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Skinux
[2009/05/15 23:43:27 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Sprint
[2010/06/18 18:19:48 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\SystemRequirementsLab
[2009/10/23 14:45:39 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Temp
[2008/05/17 21:15:51 | 000,000,000 | ---D | M] -- C:\Users\Bill\AppData\Roaming\Template
[2010/06/18 18:22:37 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010/06/05 18:00:00 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010/06/04 02:35:01 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2010/06/21 10:19:59 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/21 15:24:58 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{50C24095-7417-40BF-A356-78B4F9776159}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/05/09 04:51:22 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/04/16 16:06:58 | 000,025,105 | ---- | M] () -- C:\ComboFix.txt
[2010/04/16 12:21:07 | 000,027,463 | ---- | M] () -- C:\combofixlog.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/06/18 18:42:09 | 002,162,574 | ---- | M] () -- C:\drivers.log
[2008/10/10 17:22:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/14 14:40:11 | 000,093,056 | ---- | M] (GMER) -- C:\kxldqpod.sys
[2010/05/09 11:20:55 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008/10/10 17:22:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/18 14:51:48 | 000,000,686 | ---- | M] () -- C:\OTLspec.txt
[2010/06/21 10:22:01 | 3789,033,472 | -HS- | M] () -- C:\pagefile.sys
[2010/04/16 11:42:51 | 000,000,350 | ---- | M] () -- C:\rkill.log
[2008/03/14 10:34:50 | 000,000,405 | ---- | M] () -- C:\sysprep.xml

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/07/31 14:58:00 | 000,192,512 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010/03/17 22:47:46 | 000,073,216 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\System32\PCTINDIS5N.dll
[2009/04/11 01:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 01:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 01:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 21:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP