Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

What type of virus/hidden malware is this?

Started by goldenscarab , Jun 20 2010 01:24 PM

  • Please log in to reply

#1
goldenscarab
Posted 20 June 2010 - 01:24 PM

goldenscarab

    Member

  • Member
  • PipPip
  • 16 posts
Hello,

I am running Windows Vista 32-bit. I think my computer was infected sometime in the past couple of weeks; up until then, it was running fine.

I don't know what virus/malware this might be, but I can describe it.

Edit: TFC helped with some of the problem. The administrator account logs on successfully, but when looking through computer files a few popups come up saying that [the administrator] does not have permission to access those files; another popup comes up saying that settings.ini is being used by another process.

On most other normal users, logon is not possible; instead a message comes up saying that the User Profile Service has failed. There is only one normal user account that boots normally, except that a few desktop icons such as AIM and Firefox do not work.

This may or may not be related as well, but Adobe Flash player only works in Safe Mode; in normal mode no matter how many times it is downloaded and run, flash content (such as that needed to type in a CAPTCHA for a secure site) does not work.

Kaspersky detected two different threats: Exploit.Java.Agent.f and HEUR: Trojan.Win32.Generic. After the scan in which those were detected, Kaspersky has detected nothing else. Avast has found nothing.

Any help would be appreciated. Here are the MBAM and OTL logs (GMER crashed my computer.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4219

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18928

6/20/2010 11:49:32 AM
mbam-log-2010-06-20 (11-49-32).txt

Scan type: Quick scan
Objects scanned: 169262
Time elapsed: 5 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL logfile created on: 6/20/2010 11:59:25 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Joel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 361.78 Gb Total Space | 170.71 Gb Free Space | 47.19% Space Free | Partition Type: NTFS
Drive D: | 10.83 Gb Total Space | 2.96 Gb Free Space | 27.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GATEWAY-PC
Current User Name: Joel
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 00:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/13 10:37:37 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/13 10:35:35 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009/09/26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/09/23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/05/23 05:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008/05/23 05:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2010/06/13 19:50:52 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/02 08:37:09 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/02 08:37:09 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/13 10:35:35 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/23 15:04:56 | 000,021,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009/09/23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 15:04:50 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009/09/14 14:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009/04/30 23:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/10 21:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/18 23:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/29 09:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 03:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/03/22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/18 19:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 9A 25 9C B4 E7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/06/02 19:17:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/12/17 03:05:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/18 08:18:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/03 09:49:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/06/13 19:30:49 | 000,000,000 | ---D | M]

[2009/09/02 03:14:27 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions
[2010/06/17 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\2qrgmtut.default\extensions
[2010/06/17 21:10:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\2qrgmtut.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/17 21:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/08 02:50:00 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/29 10:05:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/13 19:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{302539fc-9772-11de-ab48-001bb9fb79cb}\Shell - "" = AutoRun
O33 - MountPoints2\{302539fc-9772-11de-ab48-001bb9fb79cb}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/09/12 08:46:25 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/06/20 11:58:10 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/06/20 11:55:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/20 11:52:19 | 000,000,000 | ---D | C] -- C:\Users\Joel\Desktop\gmer
[2010/06/20 11:43:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/20 11:43:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/20 11:42:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/20 11:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/20 11:40:48 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Joel\Desktop\erunt_setup.exe
[2010/06/20 11:32:26 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\TFC.exe
[2010/06/18 23:24:42 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/18 23:24:37 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/18 23:24:31 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/18 23:24:05 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/18 23:23:49 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/18 23:17:45 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/18 23:17:45 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/18 22:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/18 22:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/16 03:00:47 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/06/13 19:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/13 19:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/06/13 19:28:31 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/13 19:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/06/13 12:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Exterminate It!
[2010/06/11 23:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/06/11 21:41:06 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Malwarebytes
[2010/06/11 21:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/11 21:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/10 20:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/06/10 20:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/06/10 06:08:39 | 000,000,000 | ---D | C] -- C:\Scansoft
[2010/06/07 16:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/05/28 22:01:37 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\acccore
[2010/05/28 22:01:24 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\AIM
[2010/05/28 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\AOL
[2010/05/28 22:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/05/28 22:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/05/28 22:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/05/28 22:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/05/08 18:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/05/08 18:13:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/05/08 18:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/05/08 18:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/05/08 18:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/05/02 17:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2010/05/02 15:45:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/02 15:36:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SoftGrid Client
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/05/02 14:38:12 | 000,258,536 | ---- | C] (ScreenTime Media) -- C:\Windows\System32\Datascroll.scr
[2010/05/02 14:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Screentime
[2010/05/02 14:38:09 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\Screentime
[2010/05/02 11:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/02 11:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/05/02 09:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/04/29 15:55:20 | 000,000,000 | ---D | C] -- C:\Users\Joel\Documents\Downloads
[2010/04/29 10:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/29 10:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/25 12:23:51 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Nikon
[2010/04/25 11:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Bundle
[2010/04/25 11:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010/04/25 11:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2010/04/25 11:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2010/04/25 11:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Automator
[2010/04/25 11:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/04/25 11:27:12 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/04/16 10:37:58 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\RenPy
[2010/04/16 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Skype
[2010/04/08 02:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/04/08 02:49:30 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/04/08 02:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/04/06 13:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/06 13:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/06 13:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/09/02 08:11:09 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2009/09/02 08:11:08 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2009/09/02 08:11:08 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2009/09/02 08:11:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2009/09/02 08:11:08 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2009/09/02 08:11:07 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2009/09/02 08:11:07 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2009/09/02 08:11:06 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2009/09/02 08:11:05 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2009/09/02 08:11:05 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/06/20 11:56:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/20 11:55:41 | 180,767,808 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/20 11:52:42 | 002,097,152 | -HS- | M] () -- C:\Users\Joel\ntuser.dat
[2010/06/20 11:51:39 | 000,284,915 | ---- | M] () -- C:\Users\Joel\Desktop\gmer.zip
[2010/06/20 11:43:48 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/20 11:40:52 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Joel\Desktop\erunt_setup.exe
[2010/06/20 11:32:28 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\TFC.exe
[2010/06/20 11:28:12 | 000,524,288 | -HS- | M] () -- C:\Users\Joel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/20 11:28:12 | 000,065,536 | -HS- | M] () -- C:\Users\Joel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/20 11:28:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/20 11:26:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B02E12C7-9F6B-4850-9B5C-17B1A7091C3C}.job
[2010/06/20 11:16:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/20 11:16:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/20 11:15:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 11:15:55 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 11:15:38 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/06/20 10:52:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004UA.job
[2010/06/19 21:31:41 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1003UA.job
[2010/06/19 21:31:21 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1003Core.job
[2010/06/19 21:25:38 | 061,233,053 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/06/19 17:08:13 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1002UA.job
[2010/06/19 16:15:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000UA.job
[2010/06/19 10:15:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000Core.job
[2010/06/18 23:25:06 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/18 23:23:49 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/18 08:18:09 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/06/17 14:04:18 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/17 13:12:20 | 000,005,120 | ---- | M] () -- C:\Users\Joel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/17 13:07:47 | 000,000,680 | ---- | M] () -- C:\Users\Joel\AppData\Local\d3d9caps.dat
[2010/06/16 21:52:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004Core.job
[2010/06/16 21:46:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1002Core.job
[2010/06/16 18:11:16 | 000,000,036 | ---- | M] () -- C:\Users\Joel\AppData\Local\housecall.guid.cache
[2010/06/15 21:44:26 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/14 14:51:59 | 000,002,487 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/06/14 14:51:55 | 000,002,463 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/06/13 19:50:52 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/13 19:50:49 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/13 19:50:49 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/06/13 12:52:25 | 000,000,878 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2010/06/12 18:57:36 | 000,704,314 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/12 18:57:36 | 000,604,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/12 18:57:36 | 000,105,020 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/12 03:21:16 | 000,823,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/08 06:19:47 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/06/03 09:49:03 | 000,002,037 | ---- | M] () -- C:\Users\Joel\Desktop\Google Chrome.lnk
[2010/06/02 08:37:09 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/06/02 08:37:09 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/05/28 22:01:20 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2010/05/28 22:00:47 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/05/06 13:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/05/06 13:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/05/02 14:38:12 | 000,258,536 | ---- | M] (ScreenTime Media) -- C:\Windows\System32\Datascroll.scr
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/29 10:04:46 | 000,000,947 | ---- | M] () -- C:\Users\Joel\Desktop\Open.Excel.lnk
[2010/04/29 10:04:15 | 000,000,971 | ---- | M] () -- C:\Users\Joel\Desktop\OpenWord.lnk
[2010/04/25 12:22:51 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/04/25 11:47:13 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Drum Kits
[2010/04/25 11:47:13 | 000,000,268 | RH-- | M] () -- C:\Users\Joel\AppData\Roaming\Displays
[2010/04/25 11:29:55 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Documentation
[2010/04/25 11:29:55 | 000,000,268 | RH-- | M] () -- C:\Users\Joel\AppData\Roaming\Digital Mono
[2010/04/16 10:03:30 | 000,265,664 | ---- | M] () -- C:\Users\Joel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/08 02:55:22 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/03/22 20:32:19 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/20 11:55:41 | 180,767,808 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/20 11:51:37 | 000,284,915 | ---- | C] () -- C:\Users\Joel\Desktop\gmer.zip
[2010/06/20 11:43:48 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/18 23:25:06 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/18 08:18:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/06/16 18:11:16 | 000,000,036 | ---- | C] () -- C:\Users\Joel\AppData\Local\housecall.guid.cache
[2010/06/13 19:34:13 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/13 19:34:13 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/06/13 12:52:25 | 000,000,878 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2010/06/10 05:59:51 | 000,000,680 | ---- | C] () -- C:\Users\Joel\AppData\Local\d3d9caps.dat
[2010/06/03 09:49:25 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/28 22:00:47 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/05/28 22:00:03 | 000,000,362 | -H-- | C] () -- C:\IPH.PH
[2010/05/22 21:47:45 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004UA.job
[2010/05/22 21:47:44 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004Core.job
[2010/05/02 11:54:30 | 000,002,231 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/29 10:13:11 | 000,002,037 | ---- | C] () -- C:\Users\Joel\Desktop\Google Chrome.lnk
[2010/04/29 10:10:26 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000UA.job
[2010/04/29 10:10:24 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000Core.job
[2010/04/29 10:04:46 | 000,000,947 | ---- | C] () -- C:\Users\Joel\Desktop\Open.Excel.lnk
[2010/04/29 10:04:15 | 000,000,971 | ---- | C] () -- C:\Users\Joel\Desktop\OpenWord.lnk
[2010/04/25 11:47:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Drum Kits
[2010/04/25 11:47:13 | 000,000,268 | RH-- | C] () -- C:\Users\Joel\AppData\Roaming\Displays
[2010/04/25 11:47:12 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/04/25 11:29:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Documentation
[2010/04/25 11:29:55 | 000,000,268 | RH-- | C] () -- C:\Users\Joel\AppData\Roaming\Digital Mono
[2010/04/25 11:29:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/04/08 02:55:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/08 02:49:31 | 000,002,487 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/03/22 20:32:19 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2009/09/12 15:46:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/02 08:18:34 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2009/09/02 08:16:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2009/09/02 08:15:22 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2009/09/02 08:15:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2009/09/02 08:15:22 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2009/09/02 08:15:05 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2009/09/02 08:15:05 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2009/09/02 08:14:45 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2009/09/02 08:12:44 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2009/09/02 08:11:09 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2009/09/02 08:11:06 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2009/09/02 08:03:36 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/09/02 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\5600-6600 Series
[2010/05/28 22:02:04 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\acccore
[2009/10/31 01:22:58 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Lexmark Productivity Studio
[2010/04/25 12:23:51 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Nikon
[2009/09/25 11:12:03 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\OpenOffice.org
[2010/04/16 10:37:59 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\RenPy
[2009/09/02 08:03:12 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\ScanSoft
[2010/06/19 17:13:47 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/20 11:26:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B02E12C7-9F6B-4850-9B5C-17B1A7091C3C}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/09/01 19:23:23 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/28 22:01:20 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2009/09/01 18:39:06 | 000,000,010 | ---- | M] () -- C:\MOVE_RECOVERY
[2010/06/20 11:55:41 | 2452,439,040 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2007/03/18 20:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPD8S.DLL
[2007/03/18 20:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPP8S.DLL
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2008/05/23 05:17:14 | 000,121,856 | ---- | M] () -- C:\Windows\System32\spool\prtprocs\w32x86\lxdudrpp.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/04/10 23:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/19 00:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
< End of report >
PRC - [2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
MOD - [2010/03/05 07:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009/10/29 11:05:41 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985
d\msvcr80.dll
MOD - [2009/10/20 20:35:08 | 000,154,128 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\scrchpg.dll
MOD - [2009/10/20 20:34:54 | 000,033,808 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klscav.dll
MOD - [2009/04/10 23:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009/04/10 23:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009/04/10 23:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009/04/10 23:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009/04/10 23:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396
ca17ae07\GdiPlus.dll
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 00:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008/01/19 00:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008/01/19 00:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008/01/19 00:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 13:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/13 10:37:37 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/13 10:35:35 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009/09/26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/09/23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/05/23 05:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008/05/23 05:58:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - [2010/06/13 19:50:52 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/06/02 08:37:09 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/06/02 08:37:09 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/05/06 13:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 13:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 13:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 13:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/05/06 13:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/03/13 10:35:35 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)
DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/09/23 15:04:56 | 000,021,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009/09/23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 15:04:50 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009/09/14 14:46:36 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009/04/30 23:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/10 21:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/18 23:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/29 09:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 03:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/03/22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/18 19:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 9A 25 9C B4 E7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/06/02 19:17:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/12/17 03:05:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/18 08:18:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/03 09:49:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010/06/13 19:30:49 | 000,000,000 | ---D | M]

[2009/09/02 03:14:27 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions
[2010/06/17 21:11:33 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\2qrgmtut.default\extensions
[2010/06/17 21:10:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\2qrgmtut.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/17 21:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/08 02:50:00 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/29 10:05:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/13 19:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\BHO\alotBHO.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series Fax Server] C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{302539fc-9772-11de-ab48-001bb9fb79cb}\Shell - "" = AutoRun
O33 - MountPoints2\{302539fc-9772-11de-ab48-001bb9fb79cb}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/20 11:58:10 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/06/20 11:55:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/20 11:52:19 | 000,000,000 | ---D | C] -- C:\Users\Joel\Desktop\gmer
[2010/06/20 11:43:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/20 11:43:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/20 11:42:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/20 11:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/20 11:40:48 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Joel\Desktop\erunt_setup.exe
[2010/06/20 11:32:26 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\TFC.exe
[2010/06/18 23:24:42 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/18 23:24:37 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/18 23:24:31 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/18 23:24:05 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/18 23:23:49 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/18 23:17:45 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/18 23:17:45 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/06/18 22:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/18 22:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/16 03:00:47 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/06/13 19:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/13 19:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/06/13 19:28:31 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/13 19:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/06/13 12:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Exterminate It!
[2010/06/12 01:54:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/12 01:53:42 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/12 01:53:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/12 01:52:36 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/06/12 01:52:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/06/12 01:52:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/06/12 01:52:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/06/12 01:52:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/06/12 01:52:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/06/12 01:52:18 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/12 01:52:16 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/06/12 01:52:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/06/12 01:52:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/06/12 01:52:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/12 01:52:14 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/12 01:52:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/12 01:52:09 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/06/12 01:52:08 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/12 01:50:25 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/06/11 23:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/06/11 21:41:06 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Malwarebytes
[2010/06/11 21:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/11 21:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/10 20:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/06/10 20:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/06/10 06:08:39 | 000,000,000 | ---D | C] -- C:\Scansoft
[2010/06/07 16:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/05/28 22:01:37 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\acccore
[2010/05/28 22:01:24 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\AIM
[2010/05/28 22:01:22 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\AOL
[2010/05/28 22:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2010/05/28 22:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2010/05/28 22:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2010/05/28 22:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2010/05/25 19:12:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/08 18:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/05/08 18:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/05/08 18:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/05/08 18:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/05/02 17:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client
[2010/05/02 15:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/05/02 14:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Screentime
[2010/05/02 14:38:09 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\Screentime
[2010/05/02 11:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/02 11:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/05/02 09:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/04/29 10:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/29 10:05:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/04/25 12:23:51 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Nikon
[2010/04/25 11:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Bundle
[2010/04/25 11:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2010/04/25 11:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2010/04/25 11:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2010/04/25 11:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Nikon
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2010/04/25 11:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Automator
[2010/04/25 11:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/04/25 11:27:12 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/04/16 10:37:58 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\RenPy
[2010/04/16 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Skype
[2010/04/08 02:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/04/08 02:49:30 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/04/08 02:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/04/06 13:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/06 13:33:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/06 13:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/09/02 08:11:09 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2009/09/02 08:11:08 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2009/09/02 08:11:08 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2009/09/02 08:11:08 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2009/09/02 08:11:08 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2009/09/02 08:11:07 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2009/09/02 08:11:07 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2009/09/02 08:11:06 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2009/09/02 08:11:05 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2009/09/02 08:11:05 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/20 11:58:13 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/06/20 11:56:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/20 11:55:41 | 180,767,808 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/06/20 11:52:42 | 002,097,152 | -HS- | M] () -- C:\Users\Joel\ntuser.dat
[2010/06/20 11:51:39 | 000,284,915 | ---- | M] () -- C:\Users\Joel\Desktop\gmer.zip
[2010/06/20 11:43:48 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/20 11:40:52 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Joel\Desktop\erunt_setup.exe
[2010/06/20 11:32:28 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\TFC.exe
[2010/06/20 11:28:12 | 000,524,288 | -HS- | M] () -- C:\Users\Joel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/06/20 11:28:12 | 000,065,536 | -HS- | M] () -- C:\Users\Joel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/06/20 11:28:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/20 11:26:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B02E12C7-9F6B-4850-9B5C-17B1A7091C3C}.job
[2010/06/20 11:16:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/20 11:16:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/20 11:15:56 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 11:15:55 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/20 11:15:38 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010/06/20 10:52:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004UA.job
[2010/06/19 21:31:41 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1003UA.job
[2010/06/19 21:31:21 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1003Core.job
[2010/06/19 21:25:38 | 061,233,053 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/06/19 17:08:13 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1002UA.job
[2010/06/19 16:15:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000UA.job
[2010/06/19 10:15:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1000Core.job
[2010/06/18 23:25:06 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/18 23:23:49 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/18 08:18:09 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/06/17 14:04:18 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/17 13:12:20 | 000,005,120 | ---- | M] () -- C:\Users\Joel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/17 13:07:47 | 000,000,680 | ---- | M] () -- C:\Users\Joel\AppData\Local\d3d9caps.dat
[2010/06/16 21:52:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004Core.job
[2010/06/16 21:46:01 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1002Core.job
[2010/06/16 18:11:16 | 000,000,036 | ---- | M] () -- C:\Users\Joel\AppData\Local\housecall.guid.cache
[2010/06/15 21:44:26 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/14 14:51:59 | 000,002,487 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/06/14 14:51:55 | 000,002,463 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/06/13 19:50:52 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/13 19:50:49 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/13 19:50:49 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/06/13 12:52:25 | 000,000,878 | ---- | M] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2010/06/12 18:57:36 | 000,704,314 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/12 18:57:36 | 000,604,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/12 18:57:36 | 000,105,020 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/12 03:21:16 | 000,823,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/06/08 06:19:47 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/06/03 09:49:03 | 000,002,037 | ---- | M] () -- C:\Users\Joel\Desktop\Google Chrome.lnk
[2010/06/02 08:37:09 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/06/02 08:37:09 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/05/28 22:01:20 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2010/05/28 22:00:47 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/05/26 10:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/05/26 07:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/05/21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/20 11:55:41 | 180,767,808 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/06/20 11:51:37 | 000,284,915 | ---- | C] () -- C:\Users\Joel\Desktop\gmer.zip
[2010/06/20 11:43:48 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/18 23:25:06 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/18 08:18:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/06/16 18:11:16 | 000,000,036 | ---- | C] () -- C:\Users\Joel\AppData\Local\housecall.guid.cache
[2010/06/13 19:34:13 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/13 19:34:13 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/06/13 12:52:25 | 000,000,878 | ---- | C] () -- C:\Users\Public\Desktop\Exterminate It!.lnk
[2010/06/10 05:59:51 | 000,000,680 | ---- | C] () -- C:\Users\Joel\AppData\Local\d3d9caps.dat
[2010/06/03 09:49:25 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/28 22:00:47 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2010/05/28 22:00:03 | 000,000,362 | -H-- | C] () -- C:\IPH.PH
[2010/05/22 21:47:45 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004UA.job
[2010/05/22 21:47:44 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060362737-3707615560-569737326-1004Core.job
[2010/04/25 11:47:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Drum Kits
[2010/04/25 11:47:13 | 000,000,268 | RH-- | C] () -- C:\Users\Joel\AppData\Roaming\Displays
[2010/04/25 11:47:12 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/04/25 11:29:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Documentation
[2010/04/25 11:29:55 | 000,000,268 | RH-- | C] () -- C:\Users\Joel\AppData\Roaming\Digital Mono
[2010/04/25 11:29:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/04/08 02:55:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/12 15:46:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/02 08:18:34 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2009/09/02 08:16:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2009/09/02 08:15:22 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2009/09/02 08:15:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2009/09/02 08:15:22 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2009/09/02 08:15:05 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2009/09/02 08:15:05 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2009/09/02 08:14:45 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2009/09/02 08:12:44 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2009/09/02 08:11:09 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2009/09/02 08:11:06 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2009/09/02 08:03:36 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/04/30 22:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/09/02 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\5600-6600 Series
[2010/05/28 22:02:04 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\acccore
[2009/10/31 01:22:58 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Lexmark Productivity Studio
[2010/04/25 12:23:51 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Nikon
[2009/09/25 11:12:03 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\OpenOffice.org
[2010/04/16 10:37:59 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\RenPy
[2009/09/02 08:03:12 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\ScanSoft
[2010/06/19 17:13:47 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/20 11:26:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B02E12C7-9F6B-4850-9B5C-17B1A7091C3C}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/09/01 19:23:23 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/28 22:01:20 | 000,000,362 | -H-- | M] () -- C:\IPH.PH
[2009/09/01 18:39:06 | 000,000,010 | ---- | M] () -- C:\MOVE_RECOVERY
[2010/06/20 11:55:41 | 2452,439,040 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2007/03/18 20:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPD8S.DLL
[2007/03/18 20:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNMPP8S.DLL
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2008/05/23 05:17:14 | 000,121,856 | ---- | M] () -- C:\Windows\System32\spool\prtprocs\w32x86\lxdudrpp.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/04/10 23:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/19 00:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll

< End of report >

OTL Extras logfile created on: 6/20/2010 11:59:25 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Joel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 361.78 Gb Total Space | 170.71 Gb Free Space | 47.19% Space Free | Partition Type: NTFS
Drive D: | 10.83 Gb Total Space | 2.96 Gb Free Space | 27.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GATEWAY-PC
Current User Name: Joel
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.Joel] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{25995433-3D48-40D3-A55D-F114A8D79F83}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2BF56EA1-47D6-4DC8-9484-4EB6A82222C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47E6D416-D5BB-4222-AA52-E694077EEB9F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5D0BA508-E78A-41C4-8F10-2FC3AB79B2F8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{604B1164-6661-4BEA-915F-F5CD4AAD4E77}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A07844C9-CE01-434E-8FA2-80FE7753A560}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A37E1F8C-D288-4F83-89DC-C9EAE45586EB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BBA3F3FA-4B34-43B4-A600-1AEECD87BFC1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6E4C8D7-31E1-4AFD-888F-C722067D62C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF844632-2A5B-4866-8E79-22BE3FB29CDC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B419BC2-986C-47AB-8793-31877941C2CA}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{1346710A-572E-4AED-8045-BB7D46E70785}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{17077183-C797-4554-B503-35EDC1E2C57D}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2124AD8F-EEE1-4A17-9674-DFA12C1FBED1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{24EFDA6D-AC78-4C15-B3A4-7DED88A511A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29FD949C-D8F2-4749-84D6-72B9841C8F4D}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe |
"{39C2DD4B-8337-43EE-95E5-788EF64AE1D1}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3A940744-6629-4ED6-A8FC-EF3229AED0A5}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe |
"{3E10F12B-3F78-446B-8D78-788A0F422C57}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxduamon.exe |
"{43A0E17F-6699-48A8-8160-85D8E1138428}" = protocol=6 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe |
"{44DB6B94-2D7F-4151-AC7C-F3804F15A3DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{489F720A-9F56-4427-AAB2-55A741DE3A7E}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{70612F60-FD08-4DD6-9062-CB033063B348}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{70715A44-6581-4D2B-9E18-9EF12A0705AF}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\frun.exe |
"{73D44BB4-1580-4B0C-B049-783FD8939976}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{7E95D2EF-AF68-42BD-912F-BEA116F6DA5A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{82750F22-58BF-4157-9898-5CF23B87DA95}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{9DD493C0-2592-4107-98F7-AFC8F0D74831}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe |
"{B3AC4F5D-5354-4565-B5D3-47756437820C}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{BFAEEEF2-FB26-42D5-AC00-8DE0754FBA3A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C3DC9E89-FD87-4AF6-8324-701E95D369CA}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{C816C866-15ED-428D-8B2F-BDB9B64F3407}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D3CB0CAD-940A-4263-A89F-4A1C935A1927}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdupswx.exe |
"{DB02332D-8A58-470D-9817-8E9A0A219036}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{E3491ADD-E63D-4F83-A3EB-E0FE294B3684}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{E945B26B-14F8-47E3-81FC-03C634FC5D76}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA55A820-7EBA-4591-947F-0A5293F00B1F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EF368B38-C249-42C0-9E0E-5CD13729F1EA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F6E4B060-AC74-471A-AFA4-36235542A7CE}" = protocol=17 | dir=in | app=c:\program files\lexmark 5600-6600 series\lxdufax.exe |
"{FD6CF685-CCEC-488D-961D-A1A3CAA6DAF3}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{5FBA1A28-C4E2-45EF-B81E-7AB6467E5791}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"TCP Query User{A40F7442-5742-4087-8632-BC0407A53388}C:\program files\logitech\logitech vid\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"UDP Query User{08AD2701-3A66-47B7-9F7F-A9CB7BEB1B05}C:\program files\logitech\logitech vid\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"UDP Query User{EFDBE06F-F22C-43D4-8E0C-0EE1A74C7E61}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140062-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - English
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EBD9A954-6C1A-4E9F-A098-C98653035381}" = PrintMaster Platinum 18
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"avast5" = avast! Free Antivirus
"AVG9Uninstall" = AVG Free 9.0
"AviSynth" = AviSynth 2.5
"Canon MP210 series User Registration" = Canon MP210 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"Datascroll" = Datascroll Screen Saver
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ERUNT_is1" = ERUNT 1.1j
"Exterminate It!" = Exterminate It!
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/19/2010 7:38:38 PM | Computer Name = Gateway-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 18268

Error - 6/20/2010 12:22:10 AM | Computer Name = Gateway-PC | Source = Application Error | ID = 1000
Description = Faulting application LWS.exe, version 12.0.1280.0, time stamp 0x4a046c72,
faulting module LWS.exe, version 12.0.1280.0, time stamp 0x4a046c72, exception
code 0xc000000d, fault offset 0x000d2064, process id 0xa0c, application start time
0x01cb102fee289c9d.

Error - 6/20/2010 12:33:56 AM | Computer Name = Gateway-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {20140062-0062-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The operation timed out

Error - 6/20/2010 12:59:23 AM | Computer Name = Gateway-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/20/2010 2:04:44 PM | Computer Name = Gateway-PC | Source = CVHSVC | ID = 100
Description = Information only. (Patch task for {20140062-0062-0409-0000-0000000FF1CE}):
DownloadLatest Failed: The operation timed out

Error - 6/20/2010 2:18:43 PM | Computer Name = Gateway-PC | Source = Application Error | ID = 1000
Description = Faulting application LWS.exe, version 12.0.1280.0, time stamp 0x4a046c72,
faulting module LWS.exe, version 12.0.1280.0, time stamp 0x4a046c72, exception
code 0xc000000d, fault offset 0x000d2064, process id 0xa7c, application start time
0x01cb10a4a8950c00.

Error - 6/20/2010 2:25:35 PM | Computer Name = Gateway-PC | Source = Application Error | ID = 1000
Description = Faulting application TFC.exe, version 3.1.5.0, time stamp 0x2a425e19,
faulting module RPCRT4.dll, version 6.0.6002.18024, time stamp 0x49f05bcc, exception
code 0xc0000005, fault offset 0x000b0af5, process id 0xed4, application start time
0x01cb10a563166880.

Error - 6/20/2010 2:30:49 PM | Computer Name = Gateway-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/20/2010 2:39:57 PM | Computer Name = Gateway-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/20/2010 2:56:47 PM | Computer Name = Gateway-PC | Source = EventSystem | ID = 4609
Description =

[ System Events ]
Error - 6/20/2010 2:32:26 PM | Computer Name = Gateway-PC | Source = DCOM | ID = 10005
Description =

Error - 6/20/2010 2:56:11 PM | Computer Name = Gateway-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:53:49 AM on 6/20/2010 was unexpected.

Error - 6/20/2010 2:56:35 PM | Computer Name = Gateway-PC | Source = DCOM | ID = 10005
Description =

Error - 6/20/2010 2:56:47 PM | Computer Name = Gateway-PC | Source = DCOM | ID = 10005
Description =

Error - 6/20/2010 2:56:51 PM | Computer Name = Gateway-PC | Source = DCOM | ID = 10005
Description =

Error - 6/20/2010 2:56:55 PM | Computer Name = Gateway-PC | Source = DCOM | ID = 10005
Description =

Error - 6/20/2010 2:57:23 PM | Computer Name = Gateway-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6/20/2010 2:57:23 PM | Computer Name = Gateway-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6/20/2010 2:57:23 PM | Computer Name = Gateway-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/20/2010 2:58:20 PM | Computer Name = Gateway-PC | Source = Service Control Manager | ID = 7001
Description =


< End of report >

Edited by goldenscarab, 20 June 2010 - 02:16 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP