Laptop Acting Buggy



#1
asolarpc

Hi, I am not sure what happened but last week my laptop started making a funny noise and then went into a blue screen dumping the physical memory. I could not reboot it or anything until the next morning and then it ran "oddly", like something was controlling all the resources, and then I got the same blue screen dumping physical memory again. I finally was able to get Chkdsk to run but it took me three tries. I have had this laptop on all day today and it seems to be "ok" but the mouse seems jerky, as indicated by the cursor on the screen.

So, I am wondering if perhaps I have a virus or something again. Thanks for checking out the logs and letting me know what is going on. Also, anything referencing "kristal" can be changed or removed. Kristal was a hotel I lived at for 9 months back in 2008 - 2009 and I am not sure how "kristal" got used as a naming convention.


#2
asolarpc

TFC log

TFC Log, 07-31-10, 0605, (copied from TFC window)

Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: Administrator
->Temp folder emptied: 7807360 bytes
->Temporary Internet Files folder emptied: 701691 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 52142 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: user
->Temp folder emptied: 96476214 bytes
->Temporary Internet Files folder emptied: 2048423 bytes
->Java cache emptied: 15269 bytes
->Flash cache emptied: 6102 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 90112 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 805180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 3063219 bytes
Process complete!

Total Files Cleaned = 106.00 mb

#3
asolarpc

MBAM log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4310

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/31/2010 11:26:32 AM
mbam-log-2010-07-31 (11-26-32).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 213746
Time elapsed: 5 hour(s), 12 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4
asolarpc

GMER log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-31 21:25:17
Windows 5.1.2600 Service Pack 3
Running: cti5r725.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\kwtyapod.sys


---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[332] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[2052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [008B2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[2052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [008B2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[2052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [008B2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Program Files\Windows Media Player\WMPNSCFG.exe[2052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [008B2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

#5
asolarpc

otl log

OTL logfile created on: 7/31/2010 9:28:12 PM - Run 4
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\user\Desktop\Downloads\Geeks to go\Fifth
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 58.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 12.57 Gb Free Space | 22.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 1.92 Gb Total Space | 1.92 Gb Free Space | 100.00% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KRISTALAPTS
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/13 22:10:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\desktop\Downloads\Geeks to go\Fifth\OTL.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2010/03/25 21:40:42 | 000,203,312 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2008/09/12 21:37:41 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/07/13 22:10:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\desktop\Downloads\Geeks to go\Fifth\OTL.exe
MOD - [2008/04/13 18:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/09/12 21:37:41 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/05/29 18:57:22 | 000,198,184 | ---- | M] (ActivIdentity) [Auto | Stopped] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2006/06/26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2003/03/13 21:44:22 | 000,049,152 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2002/09/20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/08/29 06:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2001/09/10 20:08:50 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/05/21 15:00:00 | 000,057,984 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2009/03/25 06:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/13 12:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 12:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 12:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 12:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 12:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 12:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/06/26 10:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/22 16:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/06/22 16:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Logitech QuickCam IM(PID_08A0)
DRV - [2006/06/22 16:29:27 | 000,012,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2004/05/21 11:16:50 | 000,245,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL20.sys -- (PhilCam8116_XP) Logitech QuickCam Pro 3000(PID_08B1)
DRV - [2004/03/10 06:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\itchfltr.sys -- (itchfltr)
DRV - [2004/03/03 02:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2004/03/03 02:50:00 | 000,014,095 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2003/11/01 15:59:29 | 000,011,861 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) WPA Security Protocol (IEEE 802.1x)
DRV - [2003/10/15 11:07:38 | 000,012,288 | R--- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtdv2ku2.sys -- (MTDVC2)
DRV - [2003/10/11 02:39:52 | 000,011,648 | R--- | M] (Matsushita Electric Industrial Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtdv2ks2.sys -- (MTDVC2_ENUM)
DRV - [2003/07/29 15:25:52 | 000,322,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2003/04/24 17:39:38 | 000,248,448 | ---- | M] (Trident Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tridxpm.sys -- (tridxp)
DRV - [2003/02/14 12:59:14 | 001,169,792 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/02/12 11:03:54 | 000,015,143 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tossdpci.sys -- (pciSd)
DRV - [2003/02/10 18:27:12 | 000,025,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tsdhd.sys -- (tsdhd)
DRV - [2003/01/31 18:45:56 | 000,090,416 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2002/12/13 01:41:48 | 000,099,577 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2002/12/10 04:53:24 | 000,236,121 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)
DRV - [2002/11/08 03:50:00 | 000,070,238 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lmouflt2.sys -- (LMouFlt2)
DRV - [2002/11/08 03:50:00 | 000,023,838 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2002/10/04 11:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/09/02 14:16:36 | 000,026,880 | ---- | M] (ALi Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ALiAGP.sys -- (ALiAGP)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/08/29 06:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2002/08/28 17:00:48 | 000,231,552 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97ali.sys -- (aliadwdm)
DRV - [2002/08/28 16:59:26 | 000,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2002/08/22 02:42:00 | 000,057,088 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stc2.sys -- (SCRx31 USB Reader)
DRV - [2002/06/28 17:29:12 | 000,156,672 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlags48b.sys -- (wlags48b)
DRV - [2002/06/21 00:53:28 | 000,005,300 | ---- | M] (Toshiba Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\TVALD.SYS -- (TVALD)
DRV - [2002/01/24 15:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)
DRV - [2001/12/18 00:54:32 | 000,026,112 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2001/09/13 20:53:02 | 000,005,936 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\TVALG.SYS -- (TVALG)
DRV - [2001/09/10 20:09:46 | 000,057,392 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



O1 HOSTS File: ([2010/07/18 13:03:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [HughesNetTools_McciTrayApp] C:\Program Files\HughesNetTools\1\McciTrayApp_SSR.exe File not found
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe (adi)
O4 - HKLM..\Run: [TouchED] C:\Program Files\Toshiba\TouchED\TouchED.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tpwrtray] C:\WINDOWS\System32\TPWRTRAY.EXE (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: af.mil ([*.plk] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: af.mil ([afrl] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: af.mil ([kirtland.afrl] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: af.mil ([outlook.plk] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: af.mil ([webmail.kirtland] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: compuserve.com ([login] http in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-1269710847-3187388976-795915168-1005\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1232364992522 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1220308917567 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAEAFE12-7726-4C39-B620-2601216CFBB5} http://phughescw.hug.../Mcci_6-1-0.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.142.171.10 67.142.171.11
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ackpbsc: DllName - C:\WINDOWS\system32\ackpbsc.dll - C:\WINDOWS\system32\ackpbsc.dll (ActivIdentity)
O20 - Winlogon\Notify\acunlock: DllName - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll (ActivIdentity)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2010/07/27 03:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/07/27 03:42:33 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/27 03:42:33 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/27 03:42:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/27 03:42:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/25 20:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Pictures 2010-07-25
[2010/07/18 21:44:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/07/18 13:13:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/07/18 00:14:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/14 22:47:58 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/13 22:55:39 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/07/13 22:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/11 14:30:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/11 14:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/11 12:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/07/08 22:36:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Utilities
[2010/07/08 22:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\Games
[2010/07/08 22:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Desktop\HughesNet
[2010/07/08 22:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\PowerPoint Documents
[2010/07/08 22:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Adobe Documents
[2010/07/08 22:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Word Documents
[2010/07/08 22:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\Excel Documents
[2010/07/08 01:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/08 01:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/06/10 19:33:50 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/05/08 00:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/04/19 23:30:08 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010/03/31 20:41:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\jk marsh
[2010/03/31 00:16:34 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010/03/31 00:10:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010/03/25 21:30:22 | 000,151,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MpFilter.sys
[2010/03/11 21:43:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/03/06 16:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Motive
[2010/03/06 16:37:26 | 000,528,384 | ---- | C] (Motive Communications, Inc.) -- C:\WINDOWS\System32\McciExecute.exe
[2010/03/06 16:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2010/03/06 16:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/03/05 08:37:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010/02/28 01:05:12 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/02/11 22:33:11 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/01/13 19:59:27 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/01/13 08:01:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010/01/09 17:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\My Documents\lottery
[2010/01/08 22:29:10 | 000,000,000 | R-SD | C] -- C:\Documents and Settings\user\My Documents\My Stationery
[2010/01/07 03:49:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/01/05 00:32:26 | 000,000,000 | ---D | C] -- C:\Program Files\HughesNetStatusMeter
[2010/01/04 20:58:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/01/04 20:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Adobe
[2010/01/04 20:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/12/24 00:59:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/16 12:43:27 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/14 01:08:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009/11/27 11:11:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 10:07:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 10:07:35 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/27 10:07:34 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 10:07:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/15 15:52:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/11/15 15:52:46 | 000,230,912 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM9I.DLL
[2009/11/15 15:52:42 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2009/11/15 15:52:32 | 001,323,008 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC190C.DLL
[2009/11/15 15:52:32 | 000,200,704 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC190L.DLL
[2009/11/15 15:52:32 | 000,188,416 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC190O.DLL
[2009/11/15 15:52:32 | 000,098,304 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC190I.DLL
[2009/11/15 15:52:16 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2009/11/15 15:28:59 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/11/15 01:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ActivIdentity
[2009/11/15 01:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\ActivIdentity
[2009/11/14 15:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\SCM Microsystems
[2009/11/14 14:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/11/08 01:44:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes
[2009/11/08 01:44:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/08 01:44:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/08 01:44:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/08 01:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\kazMalwarebytes' Anti-Malware
[2009/11/08 01:38:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2009/11/08 01:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\kazCCleaner
[2009/11/08 01:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/07 01:07:08 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009/10/20 23:38:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009/10/20 23:38:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009/10/20 10:20:16 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/13 04:30:16 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 07:38:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 07:38:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/05 06:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/10/04 16:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2009/10/03 09:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/10/03 06:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Citrix
[2009/09/29 23:23:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IECompatCache
[2009/09/26 10:46:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\PrivacIE
[2009/09/26 10:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Windows Search
[2009/09/26 10:37:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user\IETldCache
[2009/09/26 10:15:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/09/26 10:00:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/09/26 09:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/09/26 09:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Windows Desktop Search
[2009/09/26 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2009/09/26 09:04:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/09/26 09:01:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2009/09/26 09:01:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2009/09/26 09:01:44 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2009/09/26 09:00:15 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/09/26 08:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2009/09/26 08:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Tracing
[2009/09/26 08:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2009/09/26 00:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2009/09/26 00:01:23 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/09/25 23:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/09/25 23:31:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/09/25 23:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009/09/25 07:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/09/25 03:21:03 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/09/25 03:20:57 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/09/25 03:20:51 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/09/25 03:20:41 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/09/25 03:09:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/09/25 00:44:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/09/25 00:44:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/09/25 00:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2009/09/25 00:44:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/09/25 00:04:54 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/09/24 23:59:29 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/09/24 23:59:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/09/24 23:58:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/09/24 23:58:18 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/09/24 23:58:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/09/24 23:58:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/09/24 23:58:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/09/24 23:58:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/09/24 23:58:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/09/24 23:57:46 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/09/24 23:57:46 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/09/24 23:57:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/09/24 23:57:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/09/24 23:57:42 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/09/24 23:57:38 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/09/24 23:57:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/09/24 23:57:12 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/09/24 23:57:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/09/24 23:57:12 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/09/24 23:57:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/09/24 23:56:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/09/24 23:56:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/09/24 23:56:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/09/24 23:56:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/09/24 23:56:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/09/24 23:56:29 | 000,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/09/24 23:56:18 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/09/24 23:56:18 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/09/24 23:56:18 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/09/24 23:56:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/09/24 23:56:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/09/24 23:56:17 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/09/24 23:56:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/09/24 23:56:10 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/09/24 23:56:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/09/24 23:56:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/09/24 23:56:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/09/24 23:56:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/09/24 23:56:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/09/24 23:56:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/09/24 23:56:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/09/24 23:55:54 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/09/24 23:55:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/09/24 23:55:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/09/24 23:32:13 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/09/24 22:21:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/09/24 22:20:13 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/09/24 22:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Application Data\Temp
[2009/09/23 22:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/09/23 21:56:42 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/09/23 21:56:42 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2009/09/04 15:03:36 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll

========== Files - Modified Within 360 Days ==========

[2010/07/31 13:33:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/07/31 03:43:31 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/31 03:42:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/31 03:41:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/29 21:14:27 | 009,437,184 | ---- | M] () -- C:\Documents and Settings\user\NTUSER.DAT
[2010/07/29 21:14:27 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010/07/29 21:14:08 | 005,346,822 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\IconCache.db
[2010/07/28 01:14:21 | 000,088,576 | ---- | M] () -- C:\Documents and Settings\user\Desktop\FE983100
[2010/07/27 03:41:57 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/07/27 03:41:57 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/07/27 03:41:57 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/07/27 03:41:57 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/27 03:41:56 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/26 21:43:07 | 015,431,569 | ---- | M] () -- C:\Documents and Settings\user\Desktop\34875390-J-Parsson-Dying-of-Money.pdf
[2010/07/25 20:05:18 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 13:04:04 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/18 13:03:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/18 07:38:28 | 678,577,152 | ---- | M] () -- C:\Documents and Settings\user\My Documents\PersonalHD.pst
[2010/07/18 07:38:28 | 650,134,528 | ---- | M] () -- C:\Documents and Settings\user\My Documents\PersonalHD2.pst
[2010/07/18 00:14:09 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2010/07/17 23:17:59 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\user\My Documents\okoboji Invoice 2010-07-17.doc
[2010/07/16 21:41:20 | 000,044,032 | ---- | M] () -- C:\Documents and Settings\user\Desktop\geekstogo.doc
[2010/07/13 22:38:40 | 000,069,872 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/13 22:37:17 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/07/08 22:02:42 | 000,411,956 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100708-220313.backup
[2010/06/27 03:06:02 | 000,537,534 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/27 03:06:02 | 000,466,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/27 03:06:02 | 000,080,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/14 08:31:20 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/06/11 03:57:15 | 000,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/11 03:40:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/11 03:38:51 | 000,000,760 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/01 11:37:48 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/05/06 04:41:53 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010/05/06 04:41:52 | 005,950,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010/05/06 04:41:52 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010/05/06 04:41:52 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010/05/06 04:41:52 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2010/05/06 04:41:52 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2010/05/06 04:41:51 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2010/05/06 04:41:51 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/05/06 04:41:51 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2010/05/06 04:41:51 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/05/06 04:41:51 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010/05/06 04:41:51 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2010/05/06 04:41:50 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/05/06 04:41:50 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010/05/06 04:41:50 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2010/05/06 04:41:50 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010/05/06 04:41:50 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010/05/06 04:41:49 | 011,076,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/05/06 04:41:48 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/05/06 04:41:48 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010/05/06 04:41:48 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2010/05/05 07:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2010/05/05 07:30:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2010/05/01 23:22:50 | 001,851,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010/05/01 23:22:50 | 001,851,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/19 23:30:08 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010/04/19 23:30:08 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2010/04/14 22:53:06 | 000,056,756 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2010/04/06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2010/03/31 00:16:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010/03/31 00:10:40 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MpFilter.sys
[2010/03/14 09:33:56 | 000,006,733 | ---- | M] () -- C:\Documents and Settings\user\My Documents\lollipop.htm
[2010/03/10 00:15:52 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010/03/10 00:15:52 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2010/03/05 08:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010/03/05 08:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010/02/24 07:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/02/17 09:10:28 | 002,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/02/16 08:08:49 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/02/16 07:25:04 | 002,066,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/02/16 07:25:04 | 002,066,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/02/16 07:25:04 | 002,024,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/02/11 22:33:11 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/02/11 06:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/02/11 06:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\System32\quartz.dll
[2010/02/05 12:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010/01/29 09:01:30 | 000,691,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/01/29 08:43:39 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2010/01/29 08:43:39 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2010/01/13 08:01:25 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009/12/31 10:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/12/24 00:59:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/16 12:43:27 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/12/16 12:43:27 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/14 01:08:23 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009/12/14 01:08:23 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2009/12/08 23:53:44 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2009/12/08 23:53:44 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2009/12/08 03:23:28 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009/11/27 11:11:44 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 10:07:35 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 10:07:35 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/27 10:07:34 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/11/27 10:07:34 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2009/11/27 10:07:34 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 10:07:34 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/21 09:51:42 | 001,206,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/11/21 09:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/11/14 15:06:53 | 000,000,880 | ---- | M] () -- C:\WINDOWS\HBCIKRNL.INI
[2009/11/08 15:27:19 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\user\My Documents\46679 Carnegie Bay Rd, Alexandria Bay, NY 13607.kmz
[2009/11/07 01:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009/10/25 06:11:34 | 000,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009/10/23 09:28:37 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/10/20 23:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009/10/20 23:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009/10/20 23:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009/10/20 23:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009/10/20 10:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009/10/15 10:28:26 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2009/10/15 10:28:26 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009/10/15 10:28:26 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009/10/15 10:28:26 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/10/13 04:30:16 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2009/10/13 04:30:16 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 07:38:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2009/10/12 07:38:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 07:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2009/10/12 07:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/09/26 12:17:30 | 000,335,291 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100708-220242.backup
[2009/09/26 12:14:12 | 000,335,291 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090926-121730.backup
[2009/09/26 12:07:28 | 000,335,291 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090926-121412.backup
[2009/09/26 08:58:42 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/26 08:58:42 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/26 00:01:16 | 000,000,020 | ---- | M] () -- C:\WINDOWS\˙ZÁ
[2009/09/25 07:40:35 | 000,000,067 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2009/09/25 03:10:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/09/25 00:34:24 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/09/11 08:18:39 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/09/04 15:03:36 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/08/26 02:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2009/08/26 02:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/08/25 03:17:27 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2009/08/06 20:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/08/06 20:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/08/06 20:24:18 | 000,209,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/08/06 20:24:18 | 000,021,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/06 20:24:12 | 000,015,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/08/06 20:24:10 | 000,217,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/08/06 20:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/08/06 20:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/08/06 20:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/08/06 20:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/08/06 20:24:06 | 000,015,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/06 20:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2009/08/06 20:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2009/08/06 20:24:00 | 000,017,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/08/06 20:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/08/06 20:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/08/06 20:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/08/06 20:23:46 | 000,274,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2009/08/06 20:23:46 | 000,016,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui

========== Files Created - No Company Name ==========

[2010/07/28 01:14:21 | 000,088,576 | ---- | C] () -- C:\Documents and Settings\user\Desktop\FE983100
[2010/07/26 21:43:07 | 015,431,569 | ---- | C] () -- C:\Documents and Settings\user\Desktop\34875390-J-Parsson-Dying-of-Money.pdf
[2010/07/25 20:03:22 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 00:14:09 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2010/07/18 00:14:03 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/17 23:59:17 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/17 23:59:17 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/17 23:17:58 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\user\My Documents\okoboji Invoice 2010-07-17.doc
[2010/07/16 21:41:20 | 000,044,032 | ---- | C] () -- C:\Documents and Settings\user\Desktop\geekstogo.doc
[2010/07/13 22:37:17 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Security Essentials.lnk
[2010/04/14 22:53:06 | 000,056,756 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/14 09:33:55 | 000,006,733 | ---- | C] () -- C:\Documents and Settings\user\My Documents\lollipop.htm
[2010/03/06 16:37:26 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\h53unin.bat
[2009/11/15 01:07:10 | 000,041,238 | ---- | C] () -- C:\WINDOWS\ac60AirForceImage.bmp
[2009/11/14 15:06:53 | 000,000,880 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2009/11/10 23:27:09 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009/11/08 15:27:19 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\user\My Documents\46679 Carnegie Bay Rd, Alexandria Bay, NY 13607.kmz
[2009/09/26 00:01:14 | 000,000,020 | ---- | C] () -- C:\WINDOWS\˙ZÁ
[2009/09/24 23:56:36 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/03/03 12:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008/09/17 06:05:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008/05/29 18:57:22 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\aicext.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/04/17 07:29:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/06/26 10:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2004/12/01 12:54:18 | 000,000,061 | ---- | C] () -- C:\WINDOWS\PureEdgeAPI.ini
[2004/12/01 12:54:14 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\MSQOLE.DLL
[2004/10/09 13:17:36 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2004/09/26 10:02:34 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2004/09/26 10:02:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2004/09/20 11:36:55 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2004/05/22 10:04:42 | 000,000,087 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2004/05/21 23:04:42 | 000,000,430 | ---- | C] () -- C:\WINDOWS\winphone.INI
[2004/05/21 22:13:01 | 000,000,024 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/05/21 22:12:50 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/05/21 18:25:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\progman.ini
[2004/05/21 18:24:12 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/01/27 06:13:02 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib_dec.dll
[2003/11/01 15:59:28 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003/11/01 15:59:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2003/08/12 17:55:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/08/12 16:00:23 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/08/12 16:00:04 | 000,000,608 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/08/12 15:52:19 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\getnode.dll
[2003/08/12 15:47:23 | 000,000,040 | ---- | C] () -- C:\WINDOWS\swupdate.ini
[2003/08/12 15:35:10 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2003/08/12 15:35:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2003/08/12 15:35:10 | 000,009,149 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2003/08/12 15:35:10 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2003/08/12 15:29:34 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2003/08/12 15:26:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/08/12 11:39:17 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/08/12 11:09:22 | 000,000,382 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/04/24 17:32:58 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\TVCtrl.dll
[2003/04/24 17:32:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\Multview.dll
[2003/04/24 17:32:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LCDCtrl.dll
[2003/04/24 17:31:48 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\GenCtrl.dll
[2003/04/24 17:31:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\CRTCtrl.dll
[2003/04/24 17:31:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ColorCtr.dll
[2003/02/26 16:47:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2003/01/07 08:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/27 05:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/10/11 02:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
< End of report >

#6
asolarpc

attach log


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/1/2003 3:59:41 PM
System Uptime: 7/31/2010 3:39:31 AM (19 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Pentium® 4 CPU 2.80GHz | uFC-PGA Socket | 2789/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 56 GiB total, 12.569 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros AR5001X+ Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_7058144F&REV_01\3&61AAA01&0&80
Manufacturer: Atheros
Name: Atheros AR5001X+ Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_7058144F&REV_01\3&61AAA01&0&80
Service: AR5211

==== System Restore Points ===================

RP204: 5/21/2010 4:33:19 AM - System Checkpoint
RP205: 5/22/2010 8:52:08 AM - System Checkpoint
RP206: 5/23/2010 8:58:22 AM - System Checkpoint
RP207: 5/24/2010 4:12:56 PM - System Checkpoint
RP208: 5/26/2010 12:26:19 AM - System Checkpoint
RP209: 5/26/2010 3:00:23 AM - Software Distribution Service 3.0
RP210: 5/29/2010 8:16:55 AM - System Checkpoint
RP211: 5/30/2010 9:33:05 AM - System Checkpoint
RP212: 5/31/2010 2:52:09 PM - System Checkpoint
RP213: 6/1/2010 9:15:26 PM - System Checkpoint
RP214: 6/3/2010 11:34:04 PM - System Checkpoint
RP215: 6/4/2010 3:00:25 AM - Software Distribution Service 3.0
RP216: 6/5/2010 6:43:43 AM - System Checkpoint
RP217: 6/6/2010 10:48:57 AM - System Checkpoint
RP218: 6/9/2010 10:36:31 PM - System Checkpoint
RP219: 6/11/2010 3:00:54 AM - Software Distribution Service 3.0
RP220: 6/12/2010 9:43:02 AM - System Checkpoint
RP221: 6/13/2010 8:34:47 PM - System Checkpoint
RP222: 6/15/2010 7:02:15 AM - System Checkpoint
RP223: 6/16/2010 11:31:48 PM - System Checkpoint
RP224: 6/18/2010 1:10:50 AM - System Checkpoint
RP225: 6/27/2010 2:57:41 AM - Software Distribution Service 3.0
RP226: 6/30/2010 11:02:21 PM - System Checkpoint
RP227: 7/1/2010 11:48:29 PM - System Checkpoint
RP228: 7/3/2010 8:49:01 AM - System Checkpoint
RP229: 7/4/2010 11:32:44 AM - System Checkpoint
RP230: 7/6/2010 6:05:22 PM - System Checkpoint
RP231: 7/8/2010 8:07:39 PM - System Checkpoint
RP232: 7/9/2010 11:21:07 PM - System Checkpoint
RP233: 7/11/2010 2:37:21 AM - System Checkpoint
RP234: 7/13/2010 3:21:52 AM - System Checkpoint
RP235: 7/15/2010 3:00:35 AM - Software Distribution Service 3.0
RP236: 7/15/2010 5:54:40 PM - Software Distribution Service 3.0
RP237: 7/16/2010 9:12:10 PM - Software Distribution Service 3.0
RP238: 7/17/2010 10:14:10 PM - Software Distribution Service 3.0
RP239: 7/18/2010 9:25:29 PM - Removed Acrobat.com
RP240: 7/18/2010 9:27:24 PM - Removed Apple Software Update
RP241: 7/18/2010 9:36:09 PM - Removed Bonjour
RP242: 7/18/2010 9:38:32 PM - Removed HughesNet Status Meter
RP243: 7/18/2010 9:39:52 PM - Configured iPod Updater 2004-08-06
RP244: 7/18/2010 9:40:47 PM - Removed Java 2 Runtime Environment, SE v1.4.2_06
RP245: 7/18/2010 9:44:25 PM - Removed QuickTime
RP246: 7/18/2010 9:58:51 PM - Removed Windows Live ID Sign-in Assistant
RP247: 7/18/2010 9:59:15 PM - Removed Windows Live Sync
RP248: 7/18/2010 9:59:38 PM - Removed Windows Live Upload Tool
RP249: 7/18/2010 10:08:19 PM - Removed MobileMe Control Panel
RP250: 7/21/2010 5:57:44 PM - Software Distribution Service 3.0
RP251: 7/22/2010 7:28:21 PM - Software Distribution Service 3.0
RP252: 7/24/2010 1:39:24 AM - System Checkpoint
RP253: 7/24/2010 7:04:24 AM - Software Distribution Service 3.0
RP254: 7/24/2010 7:24:03 PM - Software Distribution Service 3.0
RP255: 7/25/2010 8:33:42 PM - Software Distribution Service 3.0
RP256: 7/26/2010 8:52:09 PM - Software Distribution Service 3.0
RP257: 7/27/2010 3:41:32 AM - Installed Java™ 6 Update 20
RP258: 7/28/2010 5:10:55 AM - Software Distribution Service 3.0
RP259: 7/29/2010 9:11:19 PM - Software Distribution Service 3.0
RP260: 7/31/2010 3:56:02 AM - Software Distribution Service 3.0

==== Installed Programs ======================


3ivx D4 4.5.1 Decoder (remove only)
ActivClient CAC 6.1 AFR
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.3
ALi AGP Driver 2.00
Alps Pointing-device Driver
Apple Application Support
Apple Mobile Device Support
Atheros Client Utility
Canon MP190 series MP Drivers
CCleaner
Citrix XenApp Web Plugin
Compatibility Pack for the 2007 Office system
Course 12, Version 5
DBsign Web Signer
Dogz (remove only)
Drag'n Drop CD+DVD
DVD-RAM Driver
ERUNT 1.1j
ESET Online Scanner v3
Google Earth
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ICS Viewer 6.0
InterVideo WinDVD 4
iTunes
Java Auto Updater
Java™ 6 Update 20
Java™ 6 Update 5
Logitech Audio Echo Cancellation Component
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.75
Logitech Print Service
Logitech QuickCam
Logitech Resource Center
Logitech Video Enumerator
Logitech® Camera Driver
Malwarebytes' Anti-Malware
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.4
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Outlook Web Access S/MIME
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C Runtime
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Motorola Driver Installation 3.2.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Napster for Windows Media Player
Notebook Maximizer
Realtek Fast Ethernet Adapter Driver
Safari
SCR3xxx Smart Card Reader
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Skype™ 3.8
Software Suite
SoundMAX
Spybot - Search & Destroy
SurfHere by Toshiba
TOSHIBA Access
TOSHIBA ConfigFree
TOSHIBA Console
TOSHIBA Controls
Toshiba Hotkey Utility for Display Devices
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
Toshiba Tbiosdrv Driver
TOSHIBA TouchPad On/Off Utility V2.05.00
TOSHIBA Utilities
UMVPLStandalone
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinZip 14.5
Yahoo! Address AutoComplete
Yahoo! Internet Mail
Yahoo! Messenger Explorer Bar

==== Event Viewer Messages From Past Week ========

7/31/2010 6:03:54 AM, error: Service Control Manager [7034] - The SoundMAX Agent Service service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:54 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:53 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:53 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:52 AM, error: Service Control Manager [7034] - The Logitech Process Monitor service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:52 AM, error: Service Control Manager [7034] - The ActivClient Middleware Service service terminated unexpectedly. It has done this 1 time(s).
7/31/2010 6:03:52 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
7/31/2010 6:03:52 AM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/31/2010 6:03:52 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/31/2010 3:42:20 AM, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
7/29/2010 8:47:01 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.
7/28/2010 9:59:29 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/28/2010 9:03:41 PM, error: Service Control Manager [7022] - The Windows Search service hung on starting.
7/28/2010 12:53:49 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
7/28/2010 12:50:59 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
7/28/2010 12:50:37 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
7/28/2010 11:05:45 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
7/28/2010 11:05:45 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2010 11:05:44 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
7/28/2010 11:05:08 PM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
7/28/2010 11:04:07 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
7/28/2010 11:04:07 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SSDP Discovery Service service to connect.
7/28/2010 11:04:07 PM, error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error: The dependency service or group failed to start.
7/28/2010 11:04:07 PM, error: Service Control Manager [7001] - The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2010 11:04:07 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2010 11:04:07 PM, error: Service Control Manager [7000] - The SSDP Discovery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/28/2010 10:08:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
7/28/2010 10:00:47 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
7/28/2010 10:00:47 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/28/2010 10:00:47 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/28/2010 10:00:47 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.
7/28/2010 10:00:47 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/28/2010 10:00:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
7/27/2010 3:16:06 AM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.

==== End Of File ===========================

#7
asolarpc

DDS (Ver_10-03-17.01) - NTFSx86
Run by user at 22:08:59.03 on Sat 07/31/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1503.870 [GMT -6:00]

AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
svchost.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\user\Desktop\Downloads\Geeks to go\Sixth\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Yahoo! Pager] c:\program files\yahoo!\messenger\ypager.exe -quiet
mRun: [PmProxy] c:\program files\analog devices\soundmax\PmProxy.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [TouchED] c:\program files\toshiba\touched\TouchED.Exe
mRun: [Tpwrtray] TPWRTRAY.EXE
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logitech\lcommgr\Communications_Helper.exe"
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HughesNetTools_McciTrayApp] c:\program files\hughesnettools\1\McciTrayApp_SSR.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: af.mil\*.plk
Trusted Zone: af.mil\afrl
Trusted Zone: af.mil\kirtland.afrl
Trusted Zone: af.mil\outlook.plk
Trusted Zone: af.mil\webmail.kirtland
Trusted Zone: compuserve.com\login
Trusted Zone: microsoft.com\*.update
Trusted Zone: windowsupdate.com\download
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232364992522
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1220308917567
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
DPF: {CAEAFE12-7726-4C39-B620-2601216CFBB5} - hxxp://phughescw.hughes.motive.com/wizlet/spaceway/static/controls/Mcci_6-1-0.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
Notify: ackpbsc - c:\windows\system32\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 ALiAGP;ALi AGP Bus Filter Driver;c:\windows\system32\drivers\ALiAGP.SYS [2003-8-12 26880]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R3 tridxp;tridxp;c:\windows\system32\drivers\tridxpm.sys [2003-4-24 248448]
S2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2008-5-29 198184]
S3 ALiIRDA;ALi Infrared Device Driver;c:\windows\system32\drivers\aliirda.sys [2003-8-12 26112]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2009-5-21 57984]
S3 SCRx31 USB Reader;SCRx31 USB Reader;c:\windows\system32\drivers\stc2.sys [2002-8-22 57088]
S3 wlags48b;Wireless LAN PCCard Driver;c:\windows\system32\drivers\wlags48b.sys [2003-8-12 156672]

=============== Created Last 30 ================

2010-07-27 09:42:33 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-18 06:14:00 0 d-sha-r- C:\cmdcons
2010-07-18 05:59:17 77312 ----a-w- c:\windows\MBR.exe
2010-07-18 05:59:17 256512 ----a-w- c:\windows\PEV.exe
2010-07-15 04:47:58 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-14 08:19:18 37248 ----a-w- c:\windows\system32\drivers\ISAPNP.SYS
2010-07-14 04:55:39 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-07-14 04:37:14 0 d-----w- c:\program files\Microsoft Security Essentials
2010-07-11 18:52:02 0 d-----w- c:\program files\ESET

==================== Find3M ====================

2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 09:08:28 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009092520090926\index.dat

============= FINISH: 22:09:54.58 ===============

#8
asolarpc

Procexp log

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 98.02 0 K 16 K
services.exe 852 0.99 1,792 K 7,600 K Services and Controller app Microsoft Corporation
procexp.exe 3828 0.99 7,980 K 12,464 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
wmpnscfg.exe 2052 1,016 K 8,132 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
wmpnetwk.exe 1492 5,640 K 21,600 K Windows Media Player Network Sharing Service Microsoft Corporation
winlogon.exe 808 9,208 K 19,980 K Windows NT Logon Application Microsoft Corporation
System 4 0 K 228 K
svchost.exe 1136 2,488 K 18,712 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1016 3,080 K 19,480 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1172 1,884 K 18,200 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1304 24,832 K 52,068 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1504 1,204 K 17,064 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1116 1,504 K 17,548 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1828 2,672 K 18,752 K Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 168 3,432 K 19,856 K Spooler SubSystem App Microsoft Corporation
smss.exe 456 168 K 900 K Windows NT Session Manager Microsoft Corporation
searchindexer.exe 332 19,824 K 35,096 K Microsoft Windows Search Indexer Microsoft Corporation
scardsvr.exe 212 864 K 16,208 K Smart Card Resource Management Server Microsoft Corporation
MsMpEng.exe 2728 158,468 K 93,660 K AntiMalware Service Executable Microsoft Corporation
MDM.EXE 1508 924 K 15,772 K Machine Debug Manager Microsoft Corporation
lsass.exe 864 3,820 K 1,248 K LSA Shell (Export Version) Microsoft Corporation
Interrupts n/a 0 K 0 K Hardware Interrupts
explorer.exe 3624 24,688 K 44,412 K Windows Explorer Microsoft Corporation
DPCs n/a 0 K 0 K Deferred Procedure Calls
csrss.exe 776 1,676 K 6,888 K Client Server Runtime Process Microsoft Corporation
AppleMobileDeviceService.exe 868 1,792 K 8,564 K Apple Mobile Device Service Apple Inc.
alg.exe 2572 1,136 K 16,932 K Application Layer Gateway Service Microsoft Corporation
aawservice.exe 2920 9,176 K 17,592 K Ad-Aware Service Lavasoft

#9
asolarpc

Hello? Anybody there? I have not received a reply to my post, comments or help on my logs, etc.

Edited by asolarpc, 03 August 2010 - 09:03 PM.


#10
asolarpc

Hello? Anybody there? I have not received any replies to my post, or the logs, etc.