Trojan.Agent/Gen identified by SAS


  • This topic is locked

#1
KLK0274

  • Member
  • 12 posts
I purchased a laptop a week ago. I'm now having considerable problems (i.e. slow performance, freezing up, not shutting down, etc.).

I have Windows 7 64-bit. I also run Kaspersky Internet Suite 7 along with SAS and Antimalware Malwarebytes. The computer has a 2.53 GHz Intel processor with 4 GB of RAM.

Attached is OTL log run today. SAS identified a trojan last night (Trojan.Agent/Gen located in folder C:\Users\ADMINISTRATOR\DOWNLOADS\MBR.EXE).

Will someone provide assistance on this issue?

Thanks in advance.

Kevin


#2
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Please note that all instructions given are customised for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post the appropriate logs in the Malware Removal forum and wait for help.

Hi and welcome to Geeks To Go. :D

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print off the following instructions or save them to Notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Windows 7 Advice:

All applications I ask to be used will require to be run in Administrator mode, i.e. right-click on and select Run as Administrator.

The Operating System in use comes with an inbuilt utility called User Access Control (UAC); when prompted by this with anything I ask you to carry out, please select the option Allow.

64bit Operating System Advice:

Most of the tools we use don't run on 64 bit machines, so the help I can offer may be limited. I'm going to need you to run two different/new scans for me in due course.

Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

Security Application Check:

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1
Link 2

  • Right-click SecurityCheck.exe and select Run as Administrator then follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document in your next reply.

Scan with OTL:

Please delete your current version of OTL and all logs, then empty the Recycle Bin.

Then download OTL and save it to your Desktop.

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

When you have completed the above, please post back the following in the order asked for:

  • How is your computer performing now? Any further symptoms and/or problems encountered?
  • SecurityCheck Log.
  • Both OTL logs. <-- Post them individually please, i.e. one log per post/reply.


#3
KLK0274

  • Topic Starter
  • Member
  • 12 posts
Results from Security Check below:

Results of screen317's Security Check version 0.99.6
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Kaspersky Internet Security 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Adobe Flash Player 10.1.102.64
Adobe Reader 9.4.0
Mozilla Firefox (3.6.12)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
Kaspersky Lab Kaspersky Internet Security 2011 x64 klwtblfs.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

#4
KLK0274

  • Topic Starter
  • Member
  • 12 posts
My computer is still freezing up, booting slowly and will not shut down unless I press the power button now. Also, I cannot use Firefox anymore.

To follow are the OTL and Extras logs:

OTL logfile created on: 11/8/2010 7:28:01 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.64 Gb Total Space | 533.52 Gb Free Space | 92.52% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe ()
PRC - C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (WiMAXAppSrv) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel® Corporation)
SRV:64bit: - (DMAgent) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Red Bend Ltd.)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (lxdi_device) -- C:\Windows\SysNative\lxdicoms.exe ( )
SRV:64bit: - (lxdiCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdiserv.exe ()
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (IS360service) -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (lxdi_device) -- C:\Windows\SysWow64\lxdicoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (pneteth) -- C:\Windows\SysNative\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (bpmp) Intel® Centrino® -- C:\Windows\SysNative\drivers\bpmp.sys (Intel Corporation)
DRV:64bit: - (bpusb) -- C:\Windows\SysNative\drivers\bpusb.sys (Intel Corporation)
DRV:64bit: - (bpenum) -- C:\Windows\SysNative\drivers\bpenum.sys (Intel Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (NETw5s64) Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:11.0.1.400
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.1.400
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.9
FF - prefs.js..extensions.enabledItems: [email protected]:2.4.1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.10
FF - prefs.js..extensions.enabledItems: {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}:2.6.4
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/04 00:08:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/04 16:54:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/11/04 00:49:15 | 000,000,000 | ---D | M]

[2010/11/04 00:08:52 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Extensions
[2010/11/07 14:36:58 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions
[2010/11/04 11:10:18 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/11/04 11:00:55 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/11/04 11:01:52 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/11/04 10:59:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/04 11:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/11/04 11:13:56 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/11/04 11:11:54 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/11/07 14:36:58 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\[email protected]
[2010/11/04 11:08:23 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\anf6t6v5.default\extensions\[email protected]
[2010/11/04 00:58:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/04 00:58:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2010/11/04 00:58:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [lxdiamon] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe ()
O4:64bit: - HKLM..\Run: [lxdimon.exe] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe File not found
O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/08 19:26:22 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/11/04 16:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/11/04 16:54:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/11/04 16:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/11/04 14:52:19 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Lexmark Productivity Studio
[2010/11/04 14:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lx_cats
[2010/11/04 14:50:54 | 000,000,000 | ---D | C] -- C:\logs
[2010/11/04 14:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark 3500-4500 Series
[2010/11/04 14:50:11 | 001,187,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiserv.dll
[2010/11/04 14:50:11 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxdigf.dll
[2010/11/04 14:50:11 | 000,942,080 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiusb1.dll
[2010/11/04 14:50:11 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomc.dll
[2010/11/04 14:50:11 | 000,671,744 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdihbn3.dll
[2010/11/04 14:50:11 | 000,614,400 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipmui.dll
[2010/11/04 14:50:11 | 000,532,480 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdilmpm.dll
[2010/11/04 14:50:11 | 000,517,040 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicoms.exe
[2010/11/04 14:50:11 | 000,503,808 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdiutil.dll
[2010/11/04 14:50:11 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomm.dll
[2010/11/04 14:50:11 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiinpa.dll
[2010/11/04 14:50:11 | 000,340,912 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicfg.exe
[2010/11/04 14:50:11 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiiesc.dll
[2010/11/04 14:50:11 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiih.exe
[2010/11/04 14:50:11 | 000,208,896 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdiinsb.dll
[2010/11/04 14:50:11 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdiins.dll
[2010/11/04 14:50:11 | 000,143,360 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdijswr.dll
[2010/11/04 14:50:11 | 000,126,976 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxdilnks.dll
[2010/11/04 14:50:11 | 000,106,496 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdiinsr.dll
[2010/11/04 14:50:11 | 000,090,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdicub.dll
[2010/11/04 14:50:11 | 000,077,906 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\lxdicfg.dll
[2010/11/04 14:50:11 | 000,077,824 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdicu.dll
[2010/11/04 14:50:11 | 000,054,192 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdippls.exe
[2010/11/04 14:50:11 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiprox.dll
[2010/11/04 14:50:11 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipplc.dll
[2010/11/04 14:50:11 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdicur.dll
[2010/11/04 14:49:57 | 001,871,872 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiserv.dll
[2010/11/04 14:49:57 | 001,497,600 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiusb1.dll
[2010/11/04 14:49:57 | 001,305,088 | ---- | C] ( ) -- C:\Windows\SysNative\lxdicomc.dll
[2010/11/04 14:49:57 | 001,086,464 | ---- | C] ( ) -- C:\Windows\SysNative\lxdihbn3.dll
[2010/11/04 14:49:57 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lxdigf.dll
[2010/11/04 14:49:57 | 000,924,160 | ---- | C] ( ) -- C:\Windows\SysNative\lxdipmui.dll
[2010/11/04 14:49:57 | 000,876,976 | ---- | C] ( ) -- C:\Windows\SysNative\lxdicoms.exe
[2010/11/04 14:49:57 | 000,821,760 | ---- | C] ( ) -- C:\Windows\SysNative\lxdilmpm.dll
[2010/11/04 14:49:57 | 000,714,240 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdiutil.dll
[2010/11/04 14:49:57 | 000,563,632 | ---- | C] ( ) -- C:\Windows\SysNative\lxdicfg.exe
[2010/11/04 14:49:57 | 000,560,640 | ---- | C] ( ) -- C:\Windows\SysNative\lxdicomm.dll
[2010/11/04 14:49:57 | 000,541,184 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiinpa.dll
[2010/11/04 14:49:57 | 000,514,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiih.exe
[2010/11/04 14:49:57 | 000,507,904 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiiesc.dll
[2010/11/04 14:49:57 | 000,474,624 | ---- | C] ( ) -- C:\Windows\SysNative\lxdihcp.dll
[2010/11/04 14:49:57 | 000,236,032 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdiins.dll
[2010/11/04 14:49:57 | 000,189,952 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdiinsb.dll
[2010/11/04 14:49:57 | 000,128,512 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdijswr.dll
[2010/11/04 14:49:57 | 000,100,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdicu.dll
[2010/11/04 14:49:57 | 000,090,624 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdiinsr.dll
[2010/11/04 14:49:57 | 000,073,216 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdicub.dll
[2010/11/04 14:49:57 | 000,065,536 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\lxdicfg.dll
[2010/11/04 14:49:57 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysNative\lxdiprox.dll
[2010/11/04 14:49:57 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysNative\lxdipplc.dll
[2010/11/04 14:49:57 | 000,022,528 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdicur.dll
[2010/11/04 14:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series
[2010/11/04 14:49:17 | 000,000,000 | ---D | C] -- C:\lexmark
[2010/11/04 10:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/11/04 10:15:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\IObit
[2010/11/04 10:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2010/11/04 09:20:01 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\ElevatedDiagnostics
[2010/11/04 08:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010/11/04 08:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/11/04 08:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/11/04 08:19:07 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Microsoft Help
[2010/11/04 08:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/11/04 08:18:32 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/11/04 07:57:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\SUPERAntiSpyware.com
[2010/11/04 07:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/11/04 07:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/11/04 07:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/11/04 07:55:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes
[2010/11/04 07:54:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/04 07:54:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/04 07:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/04 07:54:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/04 07:41:55 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll
[2010/11/04 07:41:55 | 000,015,360 | ---- | C] (June Fabrics Technology Inc.) -- C:\Windows\SysNative\drivers\pneteth.sys
[2010/11/04 07:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PdaNet for Android
[2010/11/04 01:49:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/11/04 01:02:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/11/04 01:02:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/11/04 00:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/04 00:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/11/04 00:49:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010/11/04 00:49:03 | 000,556,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/11/04 00:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/11/04 00:48:10 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/11/04 00:48:10 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/11/04 00:48:10 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/11/04 00:48:10 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/11/04 00:48:10 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/11/04 00:48:10 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/11/04 00:48:10 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/11/04 00:48:10 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/11/04 00:43:08 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/11/04 00:43:08 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/11/04 00:43:06 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/11/04 00:43:06 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/11/04 00:43:06 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/11/04 00:43:06 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/11/04 00:43:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/11/04 00:43:01 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/11/04 00:43:01 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/11/04 00:43:00 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/11/04 00:43:00 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/11/04 00:42:59 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/11/04 00:42:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/11/04 00:42:58 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/11/04 00:42:57 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/11/04 00:42:57 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/11/04 00:42:56 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/11/04 00:42:56 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/11/04 00:42:56 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/11/04 00:42:54 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/11/04 00:42:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/11/04 00:42:53 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/11/04 00:42:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/11/04 00:42:53 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/11/04 00:42:50 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/11/04 00:42:48 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/11/04 00:42:47 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/11/04 00:42:47 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/11/04 00:42:45 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/11/04 00:42:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/11/04 00:41:51 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/11/04 00:41:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/11/04 00:41:50 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/11/04 00:41:50 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/11/04 00:41:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/11/04 00:41:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/11/04 00:41:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/11/04 00:41:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/11/04 00:41:50 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/11/04 00:41:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/11/04 00:41:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/11/04 00:41:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/11/04 00:41:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/11/04 00:41:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/11/04 00:41:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/11/04 00:14:38 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Adobe
[2010/11/04 00:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2010/11/04 00:08:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Mozilla
[2010/11/04 00:08:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Mozilla
[2010/11/04 00:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/04 00:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/11/04 00:02:59 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Macromedia
[2010/11/04 00:02:58 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Adobe
[2010/11/03 23:53:59 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Intel
[2010/11/03 23:53:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\SRS Labs
[2010/11/03 23:53:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Apps
[2010/11/03 23:53:48 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Deployment
[2010/11/03 23:52:51 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Power2Go
[2010/11/03 23:52:48 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Searches
[2010/11/03 23:52:41 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Identities
[2010/11/03 23:52:37 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Contacts
[2010/11/03 23:52:33 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\VirtualStore
[2010/11/03 23:52:17 | 000,000,000 | -H-D | C] -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/11/03 23:52:03 | 000,000,000 | --SD | C] -- C:\Users\Kevin\AppData\Roaming\Microsoft
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Videos
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Saved Games
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Pictures
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Music
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Links
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Favorites
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Downloads
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\My Documents
[2010/11/03 23:52:03 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Desktop
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Temporary Internet Files
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Templates
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Start Menu
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\SendTo
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Recent
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\PrintHood
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\NetHood
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Videos
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Pictures
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Music
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\My Documents
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Local Settings
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\History
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Cookies
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Application Data
[2010/11/03 23:52:03 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Application Data
[2010/11/03 23:52:03 | 000,000,000 | -H-D | C] -- C:\Users\Kevin\AppData
[2010/11/03 23:52:03 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Temp
[2010/11/03 23:52:03 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Microsoft
[2010/11/03 23:52:03 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2010/11/08 19:26:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/11/08 19:14:12 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/08 19:14:12 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/08 19:11:32 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/08 19:11:32 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/08 19:11:32 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/08 19:06:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/08 19:06:52 | 3054,931,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 14:15:27 | 000,001,894 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010/11/04 18:11:40 | 000,000,000 | ---- | M] () -- C:\Users\Kevin\defogger_reenable
[2010/11/04 16:54:30 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/04 16:45:05 | 000,001,176 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010/11/04 14:50:58 | 000,072,488 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2010/11/04 14:50:25 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK
[2010/11/04 10:47:41 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[2010/11/04 10:15:22 | 000,001,227 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/11/04 09:55:37 | 000,310,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/04 07:57:40 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010/11/04 07:54:57 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/04 07:44:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/11/04 07:41:56 | 000,001,035 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/11/04 01:50:58 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/11/04 01:50:58 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/11/04 01:09:24 | 000,556,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/11/04 00:49:52 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/11/04 00:49:52 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/11/04 00:29:58 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2010/11/04 00:11:55 | 000,001,270 | ---- | M] () -- C:\Users\Kevin\Desktop\Revo Uninstaller.lnk
[2010/11/04 00:08:44 | 000,001,969 | ---- | M] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/04 00:03:58 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/11/04 00:02:33 | 000,001,443 | ---- | M] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/03 23:52:42 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010/11/03 23:52:26 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

========== Files Created - No Company Name ==========

[2010/11/04 18:11:40 | 000,000,000 | ---- | C] () -- C:\Users\Kevin\defogger_reenable
[2010/11/04 16:54:30 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/04 14:50:25 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK
[2010/11/04 14:50:11 | 000,965,785 | ---- | C] () -- C:\Windows\SysWow64\lxdihelp.chm
[2010/11/04 14:50:11 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdicomx.dll
[2010/11/04 14:50:11 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\lxdiinst.dll
[2010/11/04 14:50:11 | 000,001,900 | ---- | C] () -- C:\Windows\SysWow64\lxdi.loc
[2010/11/04 14:49:57 | 000,965,785 | ---- | C] () -- C:\Windows\SysNative\lxdihelp.chm
[2010/11/04 14:49:57 | 000,434,176 | ---- | C] () -- C:\Windows\SysNative\lxdiinst.dll
[2010/11/04 14:49:57 | 000,299,520 | ---- | C] () -- C:\Windows\SysNative\lxdigrd.dll
[2010/11/04 14:49:57 | 000,072,488 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2010/11/04 14:49:57 | 000,001,900 | ---- | C] () -- C:\Windows\SysNative\lxdi.loc
[2010/11/04 10:47:41 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[2010/11/04 10:15:22 | 000,001,227 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/11/04 07:57:40 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010/11/04 07:54:57 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/04 07:44:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2010/11/04 07:41:56 | 000,001,035 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
[2010/11/04 01:49:49 | 3054,931,968 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/04 00:49:52 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/11/04 00:49:52 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/11/04 00:11:55 | 000,001,270 | ---- | C] () -- C:\Users\Kevin\Desktop\Revo Uninstaller.lnk
[2010/11/04 00:08:44 | 000,001,969 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/04 00:03:58 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2010/11/04 00:02:33 | 000,001,443 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/03 23:52:03 | 000,000,290 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/11/03 23:52:03 | 000,000,272 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/08/11 19:15:13 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/08/11 19:14:55 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/04/29 19:42:23 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/29 19:42:23 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/02/09 01:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/28 23:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/12/01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

< End of report >

OTL Extras logfile created on: 11/8/2010 7:28:01 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.64 Gb Total Space | 533.52 Gb Free Space | 92.52% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel® PROSet/Wireless WiFi Software
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL
"Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"ASUS_Screensaver" = ASUS_Screensaver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"IObit Security 360_is1" = IObit Security 360
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"PdaNet_is1" = PdaNet for Android 2.45
"Revo Uninstaller" = Revo Uninstaller 1.90
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/4/2010 2:12:14 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:12:14 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:12:52 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:13:48 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:14:05 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:14:21 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:14:35 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:14:37 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:15:49 AM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/4/2010 2:45:36 AM | Computer Name = Kevin-PC | Source = MsiInstaller | ID = 11935
Description =

[ System Events ]
Error - 11/4/2010 2:45:51 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Redistributable
Package (KB973924).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB981852).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Microsoft .NET Framework 3.5 SP1 Security Update for Windows
7 and Windows Server 2008 R2 for x64-based Systems (KB979916).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Cumulative Update for Media Center for Windows 7 x64-based
Systems (KB2284742).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB978542).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB2286198).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB979688).

Error - 11/4/2010 2:54:31 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB979687).

Error - 11/4/2010 2:54:32 AM | Computer Name = Kevin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB982132).


< End of report >
  • 0

#5
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :D

"My computer is still freezing-up, booting slowly and will not shut down unless I press the power button now. Also, I can not use Firefox anymore."

OK and thanks for the update. We will address the Firefox issue in due course.

Question:

Do you have a Windows 7 64bit DVD at all? (One should have been part of the package when you purchased your machine unless it is an OEM installation.)

Next:

I see you have some IObit software installed; the aforementioned have an unsavoury reputation. Plus, the use of any form of registry-related cleaning applications will prove to be of limited benefit, can actually cause more harm, and there is the strong possibility they can render a machine little more than an expensive door-stop.

Now please go to Start (Windows 7 Orb) >> Control Panel >> Programs and Features and remove the following (if present):

Advanced SystemCare 3
IObit Security 360

SUPERAntiSpyware <-- This will hinder the malware removal process, you may reinstall when I give the all clear.

To do so click once on each of the above and click on Uninstall/Change and follow the prompts.

Scan with MBRCheck:

Please download MBRCheck.exe and save to your desktop.

Alternative Download is here.

  • Right-click on MBRCheck.exe and select Run as Administrator.
  • A window similar to this should open on your desktop:-
Posted Image

  • If you are prompted with options, enter N at the prompt and press Enter.
  • Press Enter again.
  • A log will open on your Desktop ...... MBRCheck_mm.dd.yy_hh.mm.ss.txt (where mm.dd.yy_hh.mm.ss are the date and time the scan was run).
  • Please post the contents of the log in your next reply.
When you have completed the above, please post back the following in the order asked for:

  • Answer to my Windows 7 64bit DVD query.
  • MBRCheck Log.
  • A new OTL Log.

  • 0

#6
KLK0274

    Member

  • Topic Starter
  • Member
  • 12 posts
A Windows Installation 64 bit installation disk did not come with my computer (much to my surprise). I called Best Buy (where I purchased the laptop), and they informed me they come from the manufacturer with Windows software installed.
  • 0

#7
KLK0274

    Member

  • Topic Starter
  • Member
  • 12 posts
I removed all the programs as you requested (i.e. Advanced System Pro, IObit Security and SAS).
  • 0

#8
KLK0274

    Member

  • Topic Starter
  • Member
  • 12 posts
MBR scan to follow:

Scan was run at _11.09.2.17.00

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer Inc.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer Inc.
System Product Name: U52F
Logical Drives Mask: 0x00000014

Kernel Drivers (total 198):
0x02E18000 \SystemRoot\system32\ntoskrnl.exe
0x033F4000 \SystemRoot\system32\hal.dll
0x00BB6000 \SystemRoot\system32\kdcom.dll
0x00CC3000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D07000 \SystemRoot\system32\PSHED.dll
0x00D1B000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E21000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EC5000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ED4000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00F2B000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00F34000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00F3E000 \SystemRoot\system32\DRIVERS\pci.sys
0x00F71000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00F7E000 \SystemRoot\System32\drivers\partmgr.sys
0x00F93000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00F9C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FA8000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00D79000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FBD000 \SystemRoot\system32\drivers\pciide.sys
0x00FC4000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00FD4000 \SystemRoot\System32\drivers\mountmgr.sys
0x0100D000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01129000 \SystemRoot\system32\DRIVERS\atapi.sys
0x01132000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x0115C000 \SystemRoot\system32\DRIVERS\msahci.sys
0x01167000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x01172000 \SystemRoot\system32\drivers\fltmgr.sys
0x011BE000 \SystemRoot\system32\drivers\fileinfo.sys
0x01230000 \SystemRoot\System32\Drivers\Ntfs.sys
0x014A3000 \SystemRoot\System32\Drivers\msrpc.sys
0x01501000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0151B000 \SystemRoot\System32\Drivers\cng.sys
0x0158E000 \SystemRoot\System32\drivers\pcw.sys
0x0159F000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x016B0000 \SystemRoot\system32\drivers\ndis.sys
0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01802000 \SystemRoot\System32\drivers\tcpip.sys
0x017A2000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x015A9000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x017EC000 \SystemRoot\System32\Drivers\spldr.sys
0x01400000 \SystemRoot\System32\drivers\rdyboost.sys
0x0168B000 \SystemRoot\System32\Drivers\mup.sys
0x01A78000 \SystemRoot\system32\DRIVERS\kl1.sys
0x021D7000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01A00000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01A3A000 \SystemRoot\system32\DRIVERS\disk.sys
0x0143A000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0146A000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x03438000 \SystemRoot\system32\DRIVERS\klif.sys
0x034CE000 \SystemRoot\System32\Drivers\Null.SYS
0x034D7000 \SystemRoot\System32\Drivers\Beep.SYS
0x034DE000 \SystemRoot\System32\drivers\vga.sys
0x034EC000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03511000 \SystemRoot\System32\drivers\watchdog.sys
0x03521000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0352A000 \SystemRoot\system32\drivers\rdpencdd.sys
0x03533000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0353C000 \SystemRoot\System32\Drivers\Msfs.SYS
0x03547000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03558000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03576000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03583000 \SystemRoot\system32\DRIVERS\kl2.sys
0x048D1000 \SystemRoot\system32\drivers\afd.sys
0x0495B000 \SystemRoot\System32\DRIVERS\netbt.sys
0x049A0000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x049A9000 \SystemRoot\system32\DRIVERS\pacer.sys
0x049CF000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x049E5000 \SystemRoot\system32\DRIVERS\klim6.sys
0x049EE000 \SystemRoot\system32\DRIVERS\netbios.sys
0x04800000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0481B000 \SystemRoot\system32\DRIVERS\termdd.sys
0x0482F000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x04839000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x04843000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04894000 \SystemRoot\system32\drivers\nsiproxy.sys
0x048A0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x048AB000 \SystemRoot\System32\drivers\discache.sys
0x0358A000 \SystemRoot\System32\Drivers\dfsc.sys
0x048BA000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x035A8000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x050E9000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x05B08000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x05000000 \SystemRoot\System32\drivers\dxgmms1.sys
0x05046000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x05057000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x05068000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x050BE000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x05E53000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x065B3000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x065C0000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x065D5000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x05E00000 \SystemRoot\system32\DRIVERS\ETD.sys
0x05E25000 \SystemRoot\system32\DRIVERS\klmouflt.sys
0x05E2F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x05E3E000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x035CE000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03400000 \SystemRoot\system32\DRIVERS\Impcd.sys
0x05E46000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x035DD000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x05E4B000 \SystemRoot\system32\DRIVERS\ATK64AMD.sys
0x03427000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x01A5E000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x013D3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x065F3000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x01200000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x021E0000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x011D2000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x00E00000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x035F3000 \SystemRoot\system32\DRIVERS\pneteth.sys
0x050E2000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04AB0000 \SystemRoot\system32\DRIVERS\ks.sys
0x04AF3000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04B05000 \SystemRoot\system32\DRIVERS\WDKMD.sys
0x04B15000 \SystemRoot\system32\DRIVERS\bpenum.sys
0x04B4C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04BA6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x07A28000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x07C69000 \SystemRoot\system32\drivers\portcls.sys
0x07CA6000 \SystemRoot\system32\drivers\drmk.sys
0x07CC8000 \SystemRoot\system32\drivers\ksthunk.sys
0x07CCE000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x07D15000 \SystemRoot\System32\drivers\Dxapi.sys
0x07D2F000 \SystemRoot\system32\DRIVERS\monitor.sys
0x07D3D000 \SystemRoot\System32\Drivers\bpusb.sys
0x07D57000 \SystemRoot\system32\DRIVERS\bpmp.sys
0x005F0000 \SystemRoot\System32\TSDDD.dll
0x006E0000 \SystemRoot\System32\cdd.dll
0x07D89000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x07DA6000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x02A30000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x02BE8000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x02A00000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x02A09000 \SystemRoot\system32\drivers\luafv.sys
0x07DA8000 \SystemRoot\system32\drivers\WudfPf.sys
0x07DC9000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x04A00000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x07DDE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x07A00000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02BF9000 \SystemRoot\system32\DRIVERS\TurboB.sys
0x07A18000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
0x044D2000 \SystemRoot\system32\drivers\HTTP.sys
0x0459A000 \SystemRoot\system32\DRIVERS\bowser.sys
0x045B8000 \SystemRoot\System32\drivers\mpsdrv.sys
0x045D0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x04400000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0444E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x07835000 \SystemRoot\system32\drivers\peauth.sys
0x078DB000 \SystemRoot\System32\Drivers\secdrv.SYS
0x078E6000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x07913000 \SystemRoot\System32\drivers\tcpipreg.sys
0x07925000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0803D000 \SystemRoot\System32\DRIVERS\srv.sys
0x080D3000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x080DD000 \SystemRoot\System32\Drivers\fastfat.SYS
0x08113000 \??\C:\Windows\system32\drivers\mbam.sys
0x77020000 \Windows\System32\ntdll.dll
0x480A0000 \Windows\System32\smss.exe
0xFF340000 \Windows\System32\apisetschema.dll
0xFFF60000 \Windows\System32\autochk.exe
0xFF1B0000 \Windows\System32\urlmon.dll
0x76F00000 \Windows\System32\kernel32.dll
0xFF110000 \Windows\System32\comdlg32.dll
0xFF0C0000 \Windows\System32\ws2_32.dll
0xFF0A0000 \Windows\System32\sechost.dll
0xFEFC0000 \Windows\System32\oleaut32.dll
0xFEDE0000 \Windows\System32\setupapi.dll
0xFEB80000 \Windows\System32\iertutil.dll
0xFEB70000 \Windows\System32\nsi.dll
0xFEA40000 \Windows\System32\wininet.dll
0xFEA20000 \Windows\System32\imagehlp.dll
0xFE810000 \Windows\System32\ole32.dll
0xFE6E0000 \Windows\System32\rpcrt4.dll
0xFE640000 \Windows\System32\clbcatq.dll
0x771F0000 \Windows\System32\normaliz.dll
0xFE610000 \Windows\System32\imm32.dll
0x76E00000 \Windows\System32\user32.dll
0xFE600000 \Windows\System32\lpk.dll
0xFE580000 \Windows\System32\difxapi.dll
0xFE4A0000 \Windows\System32\advapi32.dll
0xFE3D0000 \Windows\System32\usp10.dll
0xFE330000 \Windows\System32\msvcrt.dll
0xFE2C0000 \Windows\System32\gdi32.dll
0xFD530000 \Windows\System32\shell32.dll
0xFD4E0000 \Windows\System32\Wldap32.dll
0x771E0000 \Windows\System32\psapi.dll
0xFD460000 \Windows\System32\shlwapi.dll
0xFD350000 \Windows\System32\msctf.dll
0xFD2E0000 \Windows\System32\KernelBase.dll
0xFD170000 \Windows\System32\crypt32.dll
0xFD130000 \Windows\System32\cfgmgr32.dll
0xFD0F0000 \Windows\System32\wintrust.dll
0xFD050000 \Windows\System32\comctl32.dll
0xFD030000 \Windows\System32\devobj.dll
0xFD020000 \Windows\System32\msasn1.dll
0x771D0000 \Windows\SysWOW64\normaliz.dll

Processes (total 86):
0 System Idle Process
4 System
372 C:\Windows\System32\smss.exe
492 csrss.exe
552 C:\Windows\System32\wininit.exe
572 csrss.exe
616 C:\Windows\System32\services.exe
640 C:\Windows\System32\lsass.exe
648 C:\Windows\System32\lsm.exe
772 C:\Windows\System32\svchost.exe
864 C:\Windows\System32\svchost.exe
912 C:\Windows\System32\winlogon.exe
980 C:\Windows\System32\svchost.exe
124 C:\Windows\System32\svchost.exe
412 C:\Windows\System32\svchost.exe
1056 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\svchost.exe
1304 C:\Windows\System32\wlanext.exe
1312 C:\Windows\System32\conhost.exe
1332 C:\Windows\System32\FBAgent.exe
1388 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1496 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1656 C:\Windows\System32\spoolsv.exe
1696 C:\Windows\System32\svchost.exe
1868 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
2000 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
504 C:\Windows\System32\lxdicoms.exe
2068 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2100 C:\Windows\System32\svchost.exe
2276 C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
2368 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2436 C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
2640 unsecapp.exe
2724 WmiPrvSE.exe
672 C:\Windows\System32\svchost.exe
2080 C:\Windows\System32\taskhost.exe
2592 C:\Windows\System32\taskeng.exe
3080 C:\Windows\System32\dwm.exe
3124 C:\Windows\explorer.exe
3368 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
3380 C:\Program Files\P4G\BatteryLife.exe
3392 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
3404 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
3412 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
3528 WmiPrvSE.exe
3752 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
3944 C:\Program Files\Elantech\ETDCtrl.exe
3956 C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
3964 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
4052 C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
3092 C:\Windows\SysWOW64\ACEngSvr.exe
3592 C:\Windows\System32\igfxtray.exe
436 C:\Windows\System32\hkcmd.exe
3652 C:\Windows\System32\igfxpers.exe
3696 C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
3836 C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
3936 C:\Program Files\Windows Sidebar\sidebar.exe
1372 C:\Program Files\Elantech\ETDCtrlHelper.exe
3300 C:\Windows\System32\wbem\unsecapp.exe
1132 C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
2300 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
3292 C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
3684 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
3444 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
2360 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
3448 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
3456 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
4424 C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
4728 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
4356 C:\Program Files\Intel\TurboBoost\TurboBoost.exe
4744 C:\Windows\System32\svchost.exe
4952 C:\Windows\AsScrPro.exe
4568 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
3612 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3920 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
508 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
4296 C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
2432 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
5376 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2296 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
3664 C:\Windows\System32\audiodg.exe
5460 dllhost.exe
5384 dllhost.exe
5804 C:\Users\Kevin\Downloads\MBRCheck.exe
5272 C:\Windows\System32\conhost.exe
5176 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`e22cf000 (NTFS)

PhysicalDrive0 Model Number: ST9640320AS, Rev: 0002SDM1

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
  • 0
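A triage pass over an MBRCheck log laid out like the one posted above, as an added example that is not part of the original thread and is not code from the MBRCheck author. The function names and finding labels are hypothetical, the system drive is assumed to be C:, and treating "Windows ... MBR code detected" as the only status that needs no review is an assumption based on the single status line visible in this thread.

```python
import re

# Constructed sample: an abbreviated MBRCheck log in the layout of the log
# posted in this thread (lines copied from it, most entries omitted, and the
# "total" counts adjusted to match the shortened lists).
SAMPLE_LOG = r"""MBRCheck, version 1.2.3

Kernel Drivers (total 5):
0x02E18000 \SystemRoot\system32\ntoskrnl.exe
0x0100D000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0482F000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x07A18000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
0x08113000 \??\C:\Windows\system32\drivers\mbam.sys

Processes (total 4):
0 System Idle Process
4 System
492 csrss.exe
5804 C:\Users\Kevin\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`e22cf000 (NTFS)

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!
"""

SECTION_RE = re.compile(r"^(Kernel Drivers|Processes) \(total (\d+)\):$")
DRIVER_RE = re.compile(r"^(0x[0-9A-Fa-f]+)\s+(.+)$")
PROCESS_RE = re.compile(r"^(\d+)\s+(.+)$")
DISK_RE = re.compile(r"^(\d+\s+[KMGT]B)\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+)$")
SHA1_RE = re.compile(r"^SHA1:\s*([0-9A-Fa-f]{40})$")

# Assumption: Windows is installed on C:, as in the log in this thread.
WINDOWS_PREFIXES = ("\\systemroot\\", "\\windows\\", "\\??\\c:\\windows\\")
# Assumption: only this status shape is accepted without a closer look.
EXPECTED_STATUS_RE = re.compile(r"^Windows .+ MBR code detected$")


def parse_mbrcheck(text):
    """Split an MBRCheck log into drivers, processes and per-disk MBR results."""
    report = {"drivers": [], "processes": [], "disks": [], "declared": {}}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            section = None  # a blank line ends the current list
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            report["declared"][section] = int(m.group(2))
            continue
        if section == "Kernel Drivers" and (m := DRIVER_RE.match(line)):
            report["drivers"].append((int(m.group(1), 16), m.group(2)))
        elif section == "Processes" and (m := PROCESS_RE.match(line)):
            report["processes"].append((int(m.group(1)), m.group(2)))
        elif m := DISK_RE.match(line):
            report["disks"].append({"size": m.group(1), "device": m.group(2),
                                    "status": m.group(3), "sha1": None})
        elif (m := SHA1_RE.match(line)) and report["disks"]:
            report["disks"][-1]["sha1"] = m.group(1).upper()
    return report


def triage(report):
    """Return (label, detail) pairs a helper would want to look at first."""
    findings = []
    # A pasted log that lost lines no longer matches its own "total" headers.
    for name, key in (("Kernel Drivers", "drivers"), ("Processes", "processes")):
        declared = report["declared"].get(name)
        if declared is not None and declared != len(report[key]):
            findings.append(("truncated",
                             f"{name}: header says {declared}, parsed {len(report[key])}"))
    # Drivers loaded from outside the Windows directory: compare these with
    # the installed-software list (security tools and OEM utilities land here).
    for _, path in report["drivers"]:
        if not path.lower().startswith(WINDOWS_PREFIXES):
            findings.append(("driver-outside-windows", path))
    # Processes started from a user profile; the scanner itself shows up here.
    for pid, image in report["processes"]:
        if image.lower().startswith("c:\\users\\"):
            findings.append(("process-in-user-profile", f"{pid} {image}"))
    for disk in report["disks"]:
        if not EXPECTED_STATUS_RE.match(disk["status"]):
            findings.append(("mbr-status-review", f'{disk["device"]}: {disk["status"]}'))
        if disk["sha1"] is None:
            findings.append(("mbr-hash-missing", disk["device"]))
    return findings


if __name__ == "__main__":
    for label, detail in triage(parse_mbrcheck(SAMPLE_LOG)):
        print(f"{label:26} {detail}")
```

On the sample this lists the two drivers under `Program Files` and the scanner process in `Downloads`, and raises nothing for the disk because its status and hash lines are both present.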

#9
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. ;)

"A Windows Installation 64 bit installation disk did not come with my computer (much to my surprise). I called Best Buy (where I purchased the laptop), and they informed me they come from the manufacturer with Windows software installed."

Most unfortunate, as there is indication we may require the installation DVD to perform some repairs. Why some resellers do not provide the DVD is beyond me and sheer negligence as far as I am concerned. Anyway, in the meantime I would register your ASUS machine here and enquire about a DVD being provided.

Could you borrow a Windows 7 64bit DVD from a friend maybe?

"I removed all the programs as you requested (i.e. Advanced System Pro, IObit Security and SAS)."

:D

Next:

Do provide a new OTL log for my review please as follows before we proceed any further:-

Right-click on OTL.exe and select Run as Administrator to start OTL >> Click on Run Scan at the top left hand corner.

Next:

  • Please download this tool from Microsoft and save it to the Desktop.
  • Right-click on MGADiag.exe and select Run as Administrator to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in. Save this file and post it in your next reply.

  • 0

#10
KLK0274

    Member

  • Topic Starter
  • Member
  • 12 posts
Posted below is OTL log:

OTL logfile created on: 11/9/2010 8:34:49 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.64 Gb Total Space | 552.89 Gb Free Space | 95.88% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Kevin\Desktop\MGADiag.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (WiMAXAppSrv) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel® Corporation)
SRV:64bit: - (DMAgent) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Red Bend Ltd.)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (bpmp) Intel® Centrino® -- C:\Windows\SysNative\drivers\bpmp.sys (Intel Corporation)
DRV:64bit: - (bpusb) -- C:\Windows\SysNative\drivers\bpusb.sys (Intel Corporation)
DRV:64bit: - (bpenum) -- C:\Windows\SysNative\drivers\bpenum.sys (Intel Corporation)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (NETw5s64) Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/09 20:14:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/09 20:14:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/11/09 10:03:35 | 000,000,000 | ---D | M]

[2010/11/09 20:14:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Extensions
[2010/11/09 20:14:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\gbbm3xhk.default\extensions
[2010/11/09 20:14:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/09 20:33:14 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Desktop\New folder
[2010/11/09 20:32:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/11/09 20:26:26 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2010/11/09 20:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/11/09 20:22:56 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Kevin\Desktop\MGADiag.exe
[2010/11/09 20:14:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Mozilla
[2010/11/09 20:14:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Mozilla
[2010/11/09 20:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/11/09 13:38:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/11/09 13:38:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/11/09 13:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/09 13:31:12 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/11/09 13:31:12 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/11/09 13:31:11 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/11/09 13:31:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/11/09 13:31:11 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/11/09 13:31:11 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/11/09 13:31:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/11/09 13:31:09 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/11/09 13:31:08 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/11/09 13:31:08 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/11/09 13:22:00 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Macromedia
[2010/11/09 13:21:26 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Adobe
[2010/11/09 11:14:40 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/11/09 11:14:40 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/11/09 11:14:40 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/11/09 11:14:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/11/09 11:14:40 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/11/09 11:14:40 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/11/09 11:14:40 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/11/09 11:14:40 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/11/09 11:11:31 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/11/09 11:11:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/11/09 11:11:20 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/11/09 11:11:18 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/11/09 11:11:18 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/11/09 11:11:17 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/11/09 11:11:09 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/11/09 11:11:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/11/09 11:11:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/11/09 11:11:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/11/09 11:11:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/11/09 11:11:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/11/09 11:11:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/11/09 11:11:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/11/09 11:11:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/11/09 11:11:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/11/09 11:11:07 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/11/09 11:11:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/11/09 11:11:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/11/09 11:11:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/11/09 11:11:06 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/11/09 11:11:04 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/11/09 11:11:04 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/11/09 11:11:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/11/09 11:11:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/11/09 11:11:03 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/11/09 11:11:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/11/09 11:11:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/11/09 11:10:14 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/11/09 11:10:13 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/11/09 11:10:12 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/11/09 11:10:12 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/11/09 11:10:12 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/11/09 11:10:12 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/11/09 11:10:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/11/09 11:06:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Best Buy pc app
[2010/11/09 10:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/11/09 10:03:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010/11/09 10:03:19 | 000,556,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/11/09 09:52:51 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/11/09 09:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/11/09 09:00:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Intel
[2010/11/09 09:00:24 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\SRS Labs
[2010/11/09 09:00:24 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Deployment
[2010/11/09 09:00:24 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Apps
[2010/11/09 09:00:05 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Searches
[2010/11/09 08:59:58 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Identities
[2010/11/09 08:59:52 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Contacts
[2010/11/09 08:58:32 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Power2Go
[2010/11/09 08:58:29 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\VirtualStore
[2010/11/09 08:58:26 | 000,000,000 | -H-D | C] -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/11/09 08:58:04 | 000,000,000 | --SD | C] -- C:\Users\Kevin\AppData\Roaming\Microsoft
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Videos
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Saved Games
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Pictures
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Music
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Links
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Favorites
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Downloads
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\My Documents
[2010/11/09 08:58:04 | 000,000,000 | R--D | C] -- C:\Users\Kevin\Desktop
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Temporary Internet Files
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Templates
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Start Menu
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\SendTo
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Recent
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\PrintHood
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\NetHood
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Videos
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Pictures
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Music
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\My Documents
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Local Settings
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\History
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Cookies
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\Application Data
[2010/11/09 08:58:04 | 000,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Application Data
[2010/11/09 08:58:04 | 000,000,000 | -H-D | C] -- C:\Users\Kevin\AppData
[2010/11/09 08:58:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Temp
[2010/11/09 08:58:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Microsoft
[2010/11/09 08:58:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Media Center Programs
[2010/11/09 02:12:13 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0

========== Files - Modified Within 30 Days ==========

[2010/11/09 20:34:54 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 20:34:54 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 20:32:12 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/11/09 20:22:56 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Kevin\Desktop\MGADiag.exe
[2010/11/09 20:14:30 | 000,001,969 | ---- | M] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/09 20:14:30 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/11/09 20:10:05 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/09 20:10:05 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/09 20:10:05 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/09 20:05:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/09 20:05:23 | 3054,931,968 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/09 11:19:46 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/09 11:06:34 | 000,001,714 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010/11/09 11:06:13 | 000,001,103 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010/11/09 10:18:32 | 000,556,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/11/09 10:18:30 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/11/09 10:18:30 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/11/09 10:02:24 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2010/11/09 09:57:05 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/11/09 09:57:05 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/11/09 09:06:29 | 000,001,443 | ---- | M] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/09 08:59:59 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010/11/09 08:59:45 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin

========== Files Created - No Company Name ==========

[2010/11/09 20:14:30 | 000,001,969 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/11/09 20:14:30 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/11/09 10:04:06 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/11/09 10:04:06 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/11/09 09:52:44 | 3054,931,968 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/09 09:06:29 | 000,001,443 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/11/09 08:58:04 | 000,000,290 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/11/09 08:58:04 | 000,000,272 | ---- | C] () -- C:\Users\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/08/11 19:15:13 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/08/11 19:14:55 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/04/29 19:42:23 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/04/29 19:42:23 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/02/09 01:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/28 23:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/12/01 19:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

< End of report >

#11
KLK0274

    Member

  • Topic Starter
  • 12 posts
OTL Extras logfile created on: 11/9/2010 8:34:49 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Kevin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 576.64 Gb Total Space | 552.89 Gb Free Space | 95.88% Space Free | Partition Type: NTFS

Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel® PROSet/Wireless WiFi Software
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Elantech" = ETDWare PS/2-x64 7.0.5.11_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS_Screensaver" = ASUS_Screensaver
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3891854576-2668885147-1037204798-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"48e4cff94f039634" = Best Buy pc app

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/9/2010 12:03:16 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 12:03:19 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 1:07:54 PM | Computer Name = Kevin-PC | Source = Best Buy pc app | ID = 0
Description =

Error - 11/9/2010 1:11:37 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 1:11:37 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 1:15:53 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 1:15:56 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 3:32:52 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 3:32:52 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =

Error - 11/9/2010 3:43:51 PM | Computer Name = Kevin-PC | Source = System Restore | ID = 8193
Description =


< End of report >
  • 0

#12
KLK0274

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
I ran MGADIAG.EXE and could not post to a pad. Any suggestions?
  • 0

#13
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :D

I ran MGADIAG.EXE and could not post to a pad. Any suggestions?

Merely run the scan again, then, rather than saving to a Notepad file after depressing the Copy tab, post the contents back in this topic etc.
  • 0

#14
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





