Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Open With Virus

Started by Martin J , Apr 10 2010 11:28 AM

  • Please log in to reply

#1
Martin J
Posted 10 April 2010 - 11:28 AM

Martin J

    New Member

  • Member
  • Pip
  • 1 posts
Hi, after visiting a lyrics site I believe I have been infected with the "Open With" virus. When I try to open files I receive the Open with box and can not access any programs or files. I can not run anti virus or download malwarebytes. I removed my hard drive and placed it in a hd encloseure and then ran norton and malwarebytes on another computer. No viruses or malware were detected. I then put the hard drive back in my laptop and still have the same results.
Next I downloaded OTL and saved the file as OTL.com, inserted text that I found on your forum and I am posting the results that I received in two note pad files below. The files were called OTL & Extras. Can you help?

Thanks, Marty

OTL logfile created on: 4/10/2010 12:35:00 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\David
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 60.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 91.69 Gb Total Space | 57.12 Gb Free Space | 62.29% Space Free | Partition Type: NTFS
Drive D: | 1.13 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVID-PC
Current User Name: David
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/10 12:34:14 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\David\OTL.com
PRC - [2010/03/13 20:49:57 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/11/22 21:45:28 | 000,425,648 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2006/11/15 00:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2006/11/01 02:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/09/12 12:03:20 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 20:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/07/20 16:54:28 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2006/05/25 22:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/04/10 12:34:14 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\David\OTL.com
MOD - [2008/01/19 03:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/13 20:49:57 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/22 21:45:28 | 000,425,648 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/15 00:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/11/01 02:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/09/12 12:03:20 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 20:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/07/20 16:54:28 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2006/05/25 22:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/11/14 05:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.7.18:8080

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/10 12:11:46 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [C:\Windows\system32\V0415Ext.ax] C:\Windows\System32\V0415Ext.ax (Creative Technology Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [Live! Central 2] C:\Program Files\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [V0415Mon.exe] C:\Windows\V0415Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MLB.TV NexDef Plug-in.lnk = C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnote...ad/mnviewer.cab (Musicnotes Viewer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop BackupWallPaper: C:\Users\David\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6016086d-1273-11de-b195-0016d48cfa89}\Shell - "" = AutoRun
O33 - MountPoints2\{6016086d-1273-11de-b195-0016d48cfa89}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = secfile] -- "C:\Users\David\AppData\Local\ave.exe" /START "%1" %* File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2010/03/13 22:08:32 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2010/04/10 12:33:17 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Users\David\OTL.com
[2010/04/06 11:52:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\MCE Logs

========== Files - Modified Within 14 Days ==========

[2010/04/10 12:34:25 | 004,456,448 | -HS- | M] () -- C:\Users\David\ntuser.dat
[2010/04/10 12:34:14 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\David\OTL.com
[2010/04/10 12:15:26 | 000,707,452 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/10 12:15:26 | 000,606,916 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/10 12:15:26 | 000,105,884 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/10 12:11:56 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/10 12:11:12 | 000,406,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/10 12:10:46 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/10 12:10:46 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/10 12:10:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/10 12:10:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/10 12:10:10 | 2137,120,768 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/10 12:09:09 | 000,524,288 | -HS- | M] () -- C:\Users\David\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/04/10 12:09:09 | 000,065,536 | -HS- | M] () -- C:\Users\David\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/04/10 11:59:38 | 000,002,627 | ---- | M] () -- C:\Users\David\Desktop\Microsoft Office Word 2007.lnk
[2010/04/05 14:42:04 | 000,010,338 | -HS- | M] () -- C:\Users\David\AppData\Local\GbW53PfLB
[2010/04/05 14:42:04 | 000,010,338 | -HS- | M] () -- C:\ProgramData\GbW53PfLB
[2010/04/05 14:40:30 | 000,115,352 | ---- | M] () -- C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/30 14:06:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

========== Files Created - No Company Name ==========

[2010/04/10 11:19:00 | 2137,120,768 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/05 14:40:23 | 000,010,338 | -HS- | C] () -- C:\Users\David\AppData\Local\GbW53PfLB
[2010/04/05 14:40:23 | 000,010,338 | -HS- | C] () -- C:\ProgramData\GbW53PfLB
[2010/03/30 14:06:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2008/07/23 18:25:31 | 000,000,034 | ---- | C] () -- C:\Users\David\jagex_runescape_preferences.dat
[2008/06/14 18:46:33 | 000,000,363 | ---- | C] () -- C:\Users\David\AppData\Local\AutobahnAcceleratorInstall.txt
[2008/04/01 22:20:05 | 000,001,425 | ---- | C] () -- C:\Users\David\AppData\Roaming\autobahn.log
[2007/08/26 10:59:28 | 000,000,445 | ---- | C] () -- C:\Users\David\Shared - Shortcut.lnk
[2007/04/03 19:20:54 | 000,001,170 | ---- | C] () -- C:\Users\David\AVS Video Converter.lnk
[2007/04/03 19:20:54 | 000,001,146 | ---- | C] () -- C:\Users\David\AVS Video ReMaker.lnk
[2007/04/03 19:20:54 | 000,001,143 | ---- | C] () -- C:\Users\David\AVS Capture Wizard.lnk
[2007/04/03 19:20:31 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/04/03 19:20:30 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/04/01 15:53:07 | 000,001,898 | ---- | C] () -- C:\Users\David\Adobe Reader 8.lnk
[2007/04/01 15:47:18 | 000,000,107 | ---- | C] () -- C:\Users\David\_Nosso_error.log
[2007/04/01 14:16:03 | 000,000,917 | ---- | C] () -- C:\Users\David\My Printer.lnk
[2007/04/01 14:14:55 | 000,001,844 | ---- | C] () -- C:\Users\David\MP Navigator 3.0.lnk
[2007/04/01 14:14:34 | 000,002,072 | ---- | C] () -- C:\Users\David\MP160 On-screen Manual.lnk
[2007/04/01 14:05:09 | 000,000,822 | ---- | C] () -- C:\Users\David\McAfee Security Center.lnk
[2007/02/11 20:38:46 | 000,001,982 | ---- | C] () -- C:\Users\David\Kodak EasyShare.lnk
[2007/02/09 22:59:22 | 000,000,921 | ---- | C] () -- C:\Users\David\Microsoft Interactive Training.lnk
[2007/02/09 22:56:31 | 000,000,794 | ---- | C] () -- C:\Windows\lrun32.ini
[2007/02/09 22:14:43 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/02/07 23:22:08 | 000,001,737 | ---- | C] () -- C:\Users\David\QuickTime Player.lnk
[2007/02/07 23:01:45 | 000,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2007/02/07 20:25:43 | 000,027,136 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/07 20:22:14 | 000,000,020 | -HS- | C] () -- C:\Users\David\ntuser.ini
[2007/02/07 20:22:13 | 000,524,288 | -HS- | C] () -- C:\Users\David\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007/02/07 20:22:13 | 000,524,288 | -HS- | C] () -- C:\Users\David\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2007/02/07 20:22:11 | 000,262,144 | -H-- | C] () -- C:\Users\David\ntuser.dat.LOG1
[2007/02/07 20:22:11 | 000,065,536 | -HS- | C] () -- C:\Users\David\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2007/02/07 20:22:11 | 000,000,000 | -H-- | C] () -- C:\Users\David\ntuser.dat.LOG2
[2007/02/07 20:22:10 | 004,456,448 | -HS- | C] () -- C:\Users\David\ntuser.dat
[2006/12/04 15:00:06 | 000,001,790 | ---- | C] () -- C:\Users\David\InterVideo WinDVD for TOSHIBA.lnk
[2006/11/30 21:36:51 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2006/11/30 21:26:56 | 000,002,141 | ---- | C] () -- C:\Users\David\Microsoft Office – 60 Day Trial..lnk
[2006/11/30 21:07:04 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000002.regtrans-ms
[2006/11/30 21:07:04 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000001.regtrans-ms
[2006/11/30 21:07:04 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TM.blf
[2006/11/30 21:07:03 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000002.regtrans-ms
[2006/11/30 21:07:03 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000001.regtrans-ms
[2006/11/30 21:07:03 | 000,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2006/11/30 21:07:03 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TM.blf
[2006/11/30 21:07:03 | 000,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2006/11/30 21:07:03 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2006/11/30 21:04:45 | 000,001,447 | ---- | C] () -- C:\Users\David\Software Upgrades.lnk
[2006/11/30 20:55:45 | 000,001,804 | ---- | C] () -- C:\Users\David\Toshiba Direct.lnk
[2006/11/30 20:55:45 | 000,001,791 | ---- | C] () -- C:\Users\David\Office Live.lnk
[2006/11/30 20:55:45 | 000,001,742 | ---- | C] () -- C:\Users\David\eBay - The World's Online Marketplace.lnk
[2006/11/30 20:53:34 | 000,001,855 | ---- | C] () -- C:\Users\David\Toshiba Registration.lnk
[2006/11/30 20:52:32 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2006/11/30 20:52:32 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2006/11/30 20:52:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2006/11/30 20:52:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2006/11/30 20:52:32 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2006/11/30 20:52:32 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2006/11/30 20:52:11 | 000,002,361 | ---- | C] () -- C:\Users\David\Ulead DVD MovieFactory for TOSHIBA Launcher.lnk
[2006/11/30 20:34:54 | 000,001,633 | ---- | C] () -- C:\Users\David\TOSHIBA Assist.lnk
[2006/11/30 20:26:12 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2006/11/30 20:26:12 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2006/11/30 20:26:12 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2006/11/30 20:26:12 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/11/30 20:11:44 | 000,002,899 | ---- | C] () -- C:\Users\David\Bluetooth Stack Installation Guide.txt
[2006/11/24 11:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006/11/06 15:02:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 13:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/06 13:00:56 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 21:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/08/10 19:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2006/03/09 14:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 18:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/23 01:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2000/09/08 18:53:50 | 000,073,839 | ---- | C] () -- C:\Windows\System32\KodakOneTouch.dll
[2000/01/06 20:00:00 | 000,024,448 | ---- | C] () -- C:\Windows\sysgtime.dll
[2000/01/06 20:00:00 | 000,024,448 | ---- | C] () -- C:\Windows\System32\proclsvr.drv
[1997/06/13 21:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========

[2007/02/07 23:04:53 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\acccore
[2007/04/03 19:21:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\AVSMedia
[2007/04/01 15:27:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Canon
[2007/02/11 21:03:05 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\InterVideo
[2007/12/26 00:40:55 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\LimeWire
[2009/12/22 02:26:16 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PACE Anti-Piracy
[2007/11/05 09:37:15 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ruckus Network
[2007/03/31 22:08:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ScanSoft
[2007/04/01 00:42:56 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ulead Systems
[2007/02/07 21:35:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\WildTangent
[2010/04/10 12:09:12 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2007/08/26 01:18:43 | 000,000,000 | ---- | M] () -- C:\AILog.txt
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/19 03:45:45 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2006/11/30 19:26:05 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/04/10 12:10:10 | 2137,120,768 | -HS- | M] () -- C:\hiberfil.sys
[2007/02/16 18:03:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/06/25 22:07:30 | 000,002,058 | -H-- | M] () -- C:\IPH.PH
[2007/02/16 18:03:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/10 12:10:08 | 2450,919,424 | -HS- | M] () -- C:\pagefile.sys
[2009/12/28 02:37:42 | 000,000,086 | ---- | M] () -- C:\Setup.log


< MD5 for: AGP440.SYS >
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/14 04:05:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/14 04:05:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/14 04:05:57 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: KR10N.SYS >
[2005/09/27 19:57:38 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\drivers\KR10N.sys
[2005/09/27 19:57:38 | 000,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\DriverStore\FileRepository\kr10n.inf_f8c77270\KR10N.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/19 03:34:08 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008/01/19 03:34:08 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2008/01/19 03:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/01/19 03:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/30 19:25:53 | 006,602,752 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/30 19:25:51 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/30 19:25:53 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/30 19:26:01 | 015,556,608 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/30 19:26:03 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

========== Alternate Data Streams ==========

@Alternate Data Stream - 1140 bytes -> C:\ProgramData\Microsoft:H87s2jpyXDhno7vO
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:4B7BEAFF
@Alternate Data Stream - 1105 bytes -> C:\ProgramData\Microsoft:ijlWOd95nkZfBFCLgcdkusFnDA
@Alternate Data Stream - 1099 bytes -> C:\Users\David\AppData\Local\IPahED7MC:s9FzfyikvkBsvURy8yLpSdXE
< End of report >


OTL Extras logfile created on: 4/10/2010 12:35:00 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\David
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 60.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 91.69 Gb Total Space | 57.12 Gb Free Space | 62.29% Space Free | Partition Type: NTFS
Drive D: | 1.13 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAVID-PC
Current User Name: David
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- C:\Users\David\AppData\Local\ave.exe File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3307843913-2429717751-3970968270-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{63F16750-D6EE-4E44-88FF-FBEAE889AB20}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021360A3-95BB-4740-8E5B-F36F1D0ABA42}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{05B5403D-F4F4-45F3-9AE3-27F68A47DA87}" = protocol=6 | dir=in | app=c:\program files\ruckus player\ruckus.exe |
"{1272AE0A-DF24-4B6C-A2E5-1AE6DB7228DB}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{2B006DB6-A932-46E2-B13D-E4541B53B4BF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3A58C041-15BF-4399-A145-011BFE899F25}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{4BDCEFAB-309A-4C11-ACC8-42330EDBDD0C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{540B30EC-EF47-4A86-8C4D-1F34440ABC5E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{616ED786-76E8-48C4-87E9-E06D4947D3D5}" = protocol=17 | dir=in | app=c:\program files\ruckus player\ruckus.exe |
"{7CA7EC9F-813F-4C25-BEFF-A1688D891C72}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{7D71FA2B-9F1F-465A-A418-5F5440EC5C7A}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{80D33CD8-8B42-46A4-8DBB-F10FAB8420D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{98B459BD-BA75-4FAA-B73B-3D9EA4337FC0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A00D99BA-4166-4DF2-9134-3E2547E01388}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A0D900EE-4B5C-4DCB-9276-8F059BFF2B70}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5B5A7BD-C192-4216-978F-F46814F8ED59}" = protocol=17 | dir=in | app=c:\program files\ruckus player\ruckus.exe |
"{A8927CB8-2B2F-45B7-A8D2-8447E5E0604C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{AE262922-BAD4-4B2C-ACFE-1D1F4A368EC0}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B0C6A460-610D-4A24-9A1B-8BF103A10DAA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{BA1E8511-9F47-4792-B6F8-68C9CA6C9E38}" = protocol=6 | dir=in | app=c:\program files\ruckus player\ruckus.exe |
"{C1BD008D-81E2-466A-8A3B-F42BF0D8EBFD}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{C32A722D-84E6-49CC-BA79-3D25E28FEA1B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C365A5BC-F911-4B72-9226-B6DF3AA7A664}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{CA7182DF-8CC8-4CFC-ADE2-643797D4350C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D7401A7F-CCED-4736-809E-73B38DA07ED8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E274D529-5C64-48AA-B8AA-F7E956DBDAF1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E4DAA35F-DCCF-4468-BA29-C568C93DBBAA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EE26153F-E8CE-4646-8064-EE3E60B6F897}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{EEC972D9-BDD4-4C67-8A28-8D3EBC41B2A6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EFCB7595-D4D8-41DD-870E-3D3C0C727154}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2B5BCCF-655A-4FE5-B3FA-A4AA60AB7158}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{FB9BECA6-FCD5-4EF0-B9A9-BA3219479ECA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FCA29D2E-0657-4B0F-A429-A66B0118EC91}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{FE2A9B5F-5247-459F-BC8F-11923953072B}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{B30E1339-3C25-425E-9865-C818FAD6E24C}C:\programdata\autobahn\mlb-nexdef-autobahn.exe" = protocol=6 | dir=in | app=c:\programdata\autobahn\mlb-nexdef-autobahn.exe |
"UDP Query User{DC40B2A2-8995-46DB-81AA-0E18FAB082F7}C:\programdata\autobahn\mlb-nexdef-autobahn.exe" = protocol=17 | dir=in | app=c:\programdata\autobahn\mlb-nexdef-autobahn.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180" = Canon MP180
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{2727FBEF-3155-11D4-8F73-0050DA0F6297}" = The Sims Livin' Large
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56DF5C9E-6392-46D3-B366-297B14E1DAAF}" = Bonjour Core for Windows
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1973749-F5E7-40EB-B528-F2B78685B9FF}" = essvcpt
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Age of Empires 2.0" = Microsoft Age of Empires II
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"AIM_6" = AIM 6
"Autobahn" = MLB.TV NexDef Plug-in
"CanonMyPrinter" = Canon My Printer
"Creative Live! Central 2" = Creative Live! Central 2
"Creative VF0415" = Creative Live! Cam Video IM Ultra (VF0415) (1.01.03.00)
"Desktop Dialer" = Desktop Dialer
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Press Interactive Training" = Microsoft Interactive Training
"Money2007b" = Microsoft Money Essentials
"MP Navigator 3.0" = Canon MP Navigator 3.0
"N360" = Norton Security Suite
"Network Play System (Patching)" = Network Play System (Patching)
"Rhapsody" = Rhapsody
"Ruckus Player" = Ruckus Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SysInfo" = Creative System Information
"TOSHIBA Game Console" = TOSHIBA Game Console
"TOSHIBA Media Center Game Console" = TOSHIBA Media Center Game Console
"ViewpointMediaPlayer" = Viewpoint Media Player
"WT015736" = FATE
"WT015800" = Blasterball 3
"WT015802" = Bejeweled 2 Deluxe
"WT015803" = Blackhawk Striker 2
"WT015804" = Chuzzle Deluxe
"WT015805" = JEOPARDY
"WT015806" = Penguins!
"WT015809" = SCRABBLE
"Yahoo! Music Engine" = Yahoo! Music Jukebox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/29/2009 10:55:36 PM | Computer Name = David-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/30/2009 4:01:15 AM | Computer Name = David-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 12/1/2009 10:04:37 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Faulting application mdm.exe, version 7.0.9064.9150, time stamp 0x3a96365f,
faulting module mdm.exe, version 7.0.9064.9150, time stamp 0x3a96365f, exception
code 0xc0000005, fault offset 0x00023717, process id 0x610, application start time
0x01ca7195fc45e52d.

Error - 12/3/2009 3:01:00 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Faulting application mdm.exe, version 7.0.9064.9150, time stamp 0x3a96365f,
faulting module mdm.exe, version 7.0.9064.9150, time stamp 0x3a96365f, exception
code 0xc0000005, fault offset 0x00023717, process id 0x1d00, application start time
0x01ca730c23b6c1f0.

Error - 12/16/2009 3:45:45 AM | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6000.16945 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1204 Start Time: 01ca7e151ea5ae60 Termination Time: 16

Error - 12/22/2009 3:22:19 PM | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program JEOPARDY!.exe version 1.0.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c9c Start Time: 01ca833b2f8d10f3 Termination Time: 1082

Error - 12/22/2009 7:53:21 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16945, time stamp
0x4ae6e731, faulting module Flash10b.ocx, version 10.0.22.87, time stamp 0x4987a6c3,
exception code 0xc0000005, fault offset 0x0000fcbc, process id 0x74c, application
start time 0x01ca835b0b4ef150.

Error - 12/27/2009 11:21:43 PM | Computer Name = David-PC | Source = VSS | ID = 8194
Description =

Error - 12/29/2009 9:04:58 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16945, time stamp
0x4ae6e731, faulting module mshtml.dll, version 7.0.6000.16945, time stamp 0x4ae70c16,
exception code 0xc0000005, fault offset 0x000b741e, process id 0x9dc, application
start time 0x01ca88ebcbed0240.

Error - 1/11/2010 3:34:22 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16945, time stamp
0x4ae6e731, faulting module mshtml.dll, version 7.0.6000.16945, time stamp 0x4ae70c16,
exception code 0xc0000005, fault offset 0x000b741e, process id 0x14f4, application
start time 0x01ca92f4b9f22490.

[ Media Center Events ]
Error - 4/16/2008 8:37:17 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/27/2008 1:35:03 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/2/2008 12:40:35 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 7/23/2009 1:37:35 AM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 2:16:17 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 4:14:50 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/15/2009 3:30:49 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/19/2009 2:37:06 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/10/2010 7:13:48 PM | Computer Name = David-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 2/14/2010 12:37:15 AM | Computer Name = David-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ OSession Events ]
Error - 6/5/2007 5:24:19 PM | Computer Name = David-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2067
seconds with 1260 seconds of active time. This session ended with a crash.

Error - 6/25/2007 10:00:18 PM | Computer Name = David-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 15924
seconds with 2880 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/10/2010 11:05:24 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/10/2010 11:19:07 AM | Computer Name = David-PC | Source = HTTP | ID = 15016
Description =

Error - 4/10/2010 11:20:36 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/10/2010 12:10:34 PM | Computer Name = David-PC | Source = HTTP | ID = 15016
Description =

Error - 4/10/2010 12:11:50 PM | Computer Name = David-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP