Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Blue Screen Error 0X00000077

Started by Kim Clasen Hamacher , Sep 10 2011 01:01 AM

  • Please log in to reply

#1
Kim Clasen Hamacher
Posted 10 September 2011 - 01:01 AM

Kim Clasen Hamacher

    New Member

  • Member
  • Pip
  • 1 posts
1. Recently installed XP's SP3 and several MS updates.
2. About a month ago I had to install MS Office (Home and Student 2010), an Entrada editing platform for work, and IE8
I have had problems with Word giving me error messages about potentially losing work, but I think this is related to the Entrada platform.
3. Computer has been running progressively slower over the past month and IE8 seems to 'run over' into my other apps if I Alt+Tab frequently, and IE8 also has stopped responding more frequently, every other day or so, so that I have to close it from the Task Manager
4. I added 2 sticks of RAM (Kingston 1GB 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Desktop Memory Model KVR800D2N5/1G) hoping to speed things up. Previously had 2 sticks of factory RAM - I'm not sure if they are even working??
5. Today I got the BSoD twice! I haven't seen that in years!

Anyhow I haven't run any other checks. You're my first stop. Here's what OTL gave me:

OTL logfile created on: 9/9/2011 11:27:43 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Hamacher\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 57.01% Memory free
5.27 Gb Paging File | 4.03 Gb Available in Paging File | 76.55% Paging File free
Paging file location(s): C:\pagefile.sys 3500 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 182.10 Gb Free Space | 78.20% Space Free | Partition Type: NTFS
Drive D: | 422.29 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HAMACHERKIM | User Name: Hamacher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/09 23:26:38 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hamacher\Desktop\OTL.exe
PRC - [2011/08/08 18:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011/07/04 04:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/31 22:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2011/03/01 23:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/01/12 19:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/02/21 18:46:02 | 001,101,824 | ---- | M] (Zhorn Software) -- C:\Program Files\stickies\stickies.exe
PRC - [2010/02/21 18:14:03 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2010/01/12 10:07:44 | 000,033,792 | ---- | M] (Palm) -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe
PRC - [2009/12/08 13:38:16 | 003,474,848 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr
PRC - [2009/11/10 16:39:26 | 005,244,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/05 14:06:56 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\RocketFish\RF5.1\Surround Mixer\CTSysVol.exe
PRC - [2007/04/01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/09/11 20:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/09/11 20:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/09/11 20:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006/04/13 17:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005/10/03 13:04:04 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2005/09/16 02:37:04 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/09 13:02:30 | 001,560,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090901\algo.dll
MOD - [2011/09/09 10:20:53 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11090901\aswRep.dll
MOD - [2011/04/19 12:39:46 | 000,315,392 | ---- | M] () -- C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\libtidy.dll
MOD - [2011/04/19 12:39:44 | 000,433,664 | ---- | M] () -- C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\libxml2.dll
MOD - [2011/03/31 22:06:54 | 000,181,592 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\SharedBin\LvApi11.dll
MOD - [2011/03/30 18:25:42 | 000,331,608 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/03/22 23:56:40 | 000,687,448 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011/03/01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/03/01 23:13:44 | 000,203,096 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/01/12 18:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/12 18:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2010/02/21 18:46:02 | 000,049,152 | ---- | M] () -- C:\Program Files\stickies\shook70.dll
MOD - [2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2009/11/10 16:39:24 | 000,929,792 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/04/22 14:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 16:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 15:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 15:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 15:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 15:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 15:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 15:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 15:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 15:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 15:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2009/02/25 23:39:00 | 000,065,536 | R--- | M] () -- C:\WINDOWS\system32\P17.dll
MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/04/01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007/04/01 08:57:16 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/09/11 20:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
MOD - [2006/04/13 17:14:26 | 000,876,544 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll
MOD - [2006/04/13 17:14:26 | 000,159,744 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll
MOD - [2006/04/13 17:14:26 | 000,024,691 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so
MOD - [2005/10/03 13:04:04 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/07/04 04:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/31 22:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/01/12 10:07:44 | 000,033,792 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files\Palm, Inc\novacom\x86\novacomd.exe -- (NovacomD)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/09/11 20:59:28 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/09/11 20:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/09/11 20:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/04/13 17:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005/10/03 13:04:04 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)


========== Driver Services (SafeList) ==========

DRV - [2011/07/04 04:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/07/04 04:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/07/04 04:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/07/04 04:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/07/04 04:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/07/04 04:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/07/04 04:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/03/31 22:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C210(UVC)
DRV - [2011/03/31 22:09:48 | 000,291,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/02/25 23:29:58 | 001,142,272 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/08/30 00:00:04 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/08/29 23:59:56 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007/08/29 23:59:54 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/08/29 23:59:44 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/08/29 23:59:40 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/08/29 23:59:26 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/09/11 20:45:38 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/09/11 20:45:36 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/09/11 20:45:26 | 000,110,592 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP)
DRV - [2006/08/21 19:24:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/03/17 18:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/01/10 03:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 03:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/08/13 11:56:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011/07/28 10:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/08/05 17:40:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/30 21:06:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/30 21:06:08 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\RocketFish\RF5.1\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files\stickies\stickies.exe (Zhorn Software)
O4 - Startup: C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Add to Evernote - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Hamacher\Local Settings\Application Data\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll (Evernote Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.comcastsu...oad/tgctlsr.cab (SupportSoft Script Runner Class)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D7107300-E42A-4C1C-84EB-4D783E58B88D} https://mq1webc2.spe...nstallerOCX.cab (DNInstallerOCX Class)
O16 - DPF: {D9E4E21E-60E0-11DA-91EB-00123F33E209} https://mq1webc2.spe...NInstaller2.cab (DNInstallerOCX Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://entrada.webe...nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30155.www3.h.../qdiagh.cab?326 (QDiagHUpdateObj Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48704207-45C3-4633-93BB-A540CDDF2877}: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFE65ED0-1503-45E6-8B9B-8F4E39CD2CCE}: DhcpNameServer = 68.87.69.150 68.87.85.102
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Hamacher\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hamacher\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/20 15:09:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/31 18:09:56 | 000,674,529 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{78fa5bb2-2032-11df-bf90-001bfc3bcfe7}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O33 - MountPoints2\{a2a044e8-1f69-11df-bf8e-001bfc3bcfe7}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/09 23:26:29 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hamacher\Desktop\OTL.exe
[2011/09/09 08:49:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/08/30 21:18:08 | 000,372,736 | R--- | C] (Hewlett Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2010/10/14 19:40:54 | 000,033,836 | ---- | C] (Di@monD) -- C:\Program Files\Pattern Wizard 1.6.4 Trial Resetter.exe
[2010/02/21 19:06:45 | 000,233,475 | ---- | C] (TODO: <Company name>) -- C:\Program Files\AgeCalc.exe
[2010/01/20 19:42:07 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2009/06/01 14:27:04 | 002,414,024 | ---- | C] (Patrick Roberts Software ) -- C:\Program Files\PatternWizard_1.6.4.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/09 23:26:38 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hamacher\Desktop\OTL.exe
[2011/09/09 23:06:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/09 23:04:24 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/09/09 23:04:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/09 22:42:57 | 000,349,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/09 21:33:32 | 000,004,784 | ---- | M] () -- C:\WINDOWS\InstText.ini
[2011/09/09 20:21:14 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/09 20:20:44 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\Hamacher\Desktop\Entrada Editor.lnk
[2011/09/09 08:59:31 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Hamacher\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/04 19:38:35 | 000,956,697 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\how_to_make_a_garterized_headband.pdf
[2011/09/04 19:38:30 | 002,470,590 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\carnation.pdf
[2011/09/04 19:38:10 | 001,443,583 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\layered_cabbage_rose.pdf
[2011/09/04 19:37:47 | 001,012,960 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\jewel_box_ballerina_tutorial_knotted_chrysanthemum.pdf
[2011/09/04 19:37:27 | 001,970,919 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\free_tutorials__how_to_use_feather_and_fabric_flowers.pdf
[2011/09/04 19:37:19 | 001,425,958 | ---- | M] () -- C:\Documents and Settings\Hamacher\My Documents\no_sew_chrysanthemum.pdf
[2011/09/02 19:45:14 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\Webshots.lnk
[2011/08/31 21:08:57 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/08/30 21:24:56 | 000,207,002 | ---- | M] () -- C:\WINDOWS\hpoins46.dat
[2011/08/30 21:04:54 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/08/30 21:04:43 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP ePrinterCenter.lnk
[2011/08/27 20:36:07 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Hamacher\Desktop\toadocs.rtf
[2011/08/26 13:35:57 | 000,441,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/08/26 13:35:57 | 000,071,536 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/08/22 08:56:51 | 000,206,906 | ---- | M] () -- C:\WINDOWS\hpoins46.dat.temp
[2011/08/18 11:52:40 | 000,001,131 | ---- | M] () -- C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/08/18 11:52:15 | 000,001,067 | ---- | M] () -- C:\Documents and Settings\Hamacher\Desktop\Evernote.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/04 19:38:34 | 000,956,697 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\how_to_make_a_garterized_headband.pdf
[2011/09/04 19:38:28 | 002,470,590 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\carnation.pdf
[2011/09/04 19:38:08 | 001,443,583 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\layered_cabbage_rose.pdf
[2011/09/04 19:37:46 | 001,012,960 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\jewel_box_ballerina_tutorial_knotted_chrysanthemum.pdf
[2011/09/04 19:37:25 | 001,970,919 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\free_tutorials__how_to_use_feather_and_fabric_flowers.pdf
[2011/09/04 19:37:18 | 001,425,958 | ---- | C] () -- C:\Documents and Settings\Hamacher\My Documents\no_sew_chrysanthemum.pdf
[2011/08/30 21:04:54 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/08/30 21:04:43 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP ePrinterCenter.lnk
[2011/08/30 21:01:58 | 000,207,002 | ---- | C] () -- C:\WINDOWS\hpoins46.dat
[2011/08/30 21:01:58 | 000,000,574 | ---- | C] () -- C:\WINDOWS\hpomdl46.dat
[2011/08/27 20:36:07 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Hamacher\Desktop\toadocs.rtf
[2011/08/18 11:52:40 | 000,001,131 | ---- | C] () -- C:\Documents and Settings\Hamacher\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/08/18 11:52:15 | 000,001,067 | ---- | C] () -- C:\Documents and Settings\Hamacher\Desktop\Evernote.lnk
[2011/07/09 20:46:46 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Hamacher\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/28 14:11:27 | 000,000,115 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/06/27 10:56:39 | 000,206,906 | ---- | C] () -- C:\WINDOWS\hpoins46.dat.temp
[2011/06/27 10:56:39 | 000,000,574 | ---- | C] () -- C:\WINDOWS\hpomdl46.dat.temp
[2011/06/13 17:16:57 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2011/06/13 17:16:55 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\P17.dll
[2011/04/24 10:49:09 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/03/31 22:07:02 | 010,877,272 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011/03/31 22:07:02 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011/03/31 22:06:56 | 000,331,608 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011/03/31 21:56:00 | 000,027,872 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/03/22 23:58:22 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2010/12/28 15:54:25 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/09/16 22:51:03 | 000,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/09/16 22:38:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/04/26 10:23:10 | 000,000,154 | ---- | C] () -- C:\WINDOWS\pwix.ini
[2010/03/27 23:28:26 | 000,038,768 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/04 11:45:38 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/03/02 22:58:02 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat
[2010/03/02 21:50:17 | 000,000,272 | ---- | C] () -- C:\WINDOWS\hpqgrcpy.INI
[2010/03/02 21:20:52 | 000,085,319 | ---- | C] () -- C:\WINDOWS\hpgins01.dat.temp
[2010/03/02 21:20:52 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat.temp
[2010/03/02 20:58:33 | 000,085,315 | ---- | C] () -- C:\WINDOWS\hpgins01.dat
[2010/02/21 18:50:23 | 000,004,784 | ---- | C] () -- C:\WINDOWS\InstText.ini
[2010/01/23 09:23:20 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/01/22 20:05:30 | 002,283,526 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/01/22 17:14:53 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/01/22 17:14:52 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/01/20 19:33:52 | 000,001,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010/01/20 15:10:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/01/20 15:06:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/01/20 06:52:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/01/20 06:50:06 | 000,349,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/17 20:14:07 | 000,005,663 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2007/04/01 09:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/04/01 08:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/03/21 09:41:32 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/03/21 09:41:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/07 23:17:08 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 13:00:00 | 000,441,600 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 13:00:00 | 000,071,536 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/02/27 09:41:28 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2002/02/27 09:41:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2002/02/27 09:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/08/08 09:44:34 | 000,000,223 | ---- | C] () -- C:\WINDOWS\System32\pspveccomm.ini
[2001/05/03 08:03:58 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\smcelp32.ini
[1999/11/05 10:42:36 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspusbct.ini
[1999/10/08 14:58:24 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspusblb.ini
[1998/12/11 11:55:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspsbext.ini
[1998/08/10 14:04:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspfidrv.ini
[1998/08/10 14:04:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspaudrv.ini
[1998/08/10 14:03:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspapdrv.ini
[1998/08/10 14:03:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\mcipspwa.ini
[1998/08/10 14:03:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\mcipspct.ini
[1998/08/10 14:02:00 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\pspfbase.ini
[1998/08/10 14:02:00 | 000,000,220 | ---- | C] () -- C:\WINDOWS\System32\pspwave.ini
[1998/08/10 14:02:00 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\pspdss.ini
[1998/08/10 14:02:00 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\pspddi.ini

========== LOP Check ==========

[2010/02/21 20:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\agi
[2011/03/25 11:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/02/21 19:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DocQscribe
[2011/06/28 14:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Entrada
[2010/03/04 11:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2010/01/22 20:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Geek Squad
[2010/02/21 18:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync
[2010/12/28 15:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/05/22 11:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/03/15 16:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/04/22 14:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/02/21 18:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm
[2011/08/05 17:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/30 13:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virtualized Applications
[2011/06/21 15:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2011/06/27 21:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visan
[2011/06/29 09:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/10/01 20:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/19 20:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/08/05 17:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\ActiveWords
[2010/02/21 20:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\AGI
[2010/11/02 18:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\Amazon
[2010/09/10 22:19:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/01/22 19:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\BeadTool
[2010/06/17 22:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\CanuckSoftware
[2011/09/09 19:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\GoodSync
[2011/04/27 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\Leadertech
[2010/03/15 16:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\NCH Swift Sound
[2010/02/28 22:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\OpenOffice.org
[2011/07/06 10:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\SoftGrid Client
[2011/09/09 23:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\stickies
[2010/05/02 18:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\Teleca
[2011/07/06 10:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\TP
[2011/06/27 21:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\Visan
[2011/06/30 13:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\webex
[2010/02/21 20:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\Webshots
[2010/01/22 16:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hamacher\Application Data\WinBatch
[2010/03/11 19:59:42 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressSevenDaysInit.job
[2010/03/15 00:02:01 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\expressShakeIcon.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/10/14 22:13:56 | 000,000,490 | ---- | M] ()(C:\Program Files\README ! ?????? !.txt) -- C:\Program Files\README ! Читать !.txt
[2010/10/14 22:13:56 | 000,000,490 | ---- | C] ()(C:\Program Files\README ! ?????? !.txt) -- C:\Program Files\README ! Читать !.txt

========== Alternate Data Streams ==========

@Alternate Data Stream - 242 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7461AB9
@Alternate Data Stream - 151 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:333B9FFC

< End of report >

P.S. as far as my computer tech knowledge..I am a shining example of a little bit of knowledge being a VERY dangerous thing. Please use little words in your answer, if at all possible. :)
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP