mh2286

  1. *log* It does seem to be running better now though. It hasn't blue screened for a while. Do you know how or from where I might have got this virus? Thanks.
  2. Nothing seems to happen - a command line box flashes up then disappears instantly - there is no log or anything.
  3. win32kdiag file is too big so I have put it in an attachment. Win32kDiag.txt
  4. ComboFix 10-08-05.06 - Matt 08/06/2010 13:02:07.1.2 - x86 Microsoft
  5. GMER 1.0.15.15281 - http://www.gmer.net
     Rootkit scan 2010-08-05 21:24:26
     Windows 6.0.6002 Service Pack 2
     Running: cwz70yj4.exe; Driver: C:\Users\Matt\AppData\Local\Temp\pxryquog.sys

     ---- Kernel code sections - GMER 1.0.15 ----

     .text ntkrnlpa.exe!KeSetEvent + 209 83CE796C 8 Bytes [D6, 42, A1, 89, C8, 44, A1, ...]
     .text ntkrnlpa.exe!KeSetEvent + 621 83CE7D84 4 Bytes [44, 3F, A1, 89]
     .text ntkrnlpa.exe!KeSetEvent + 6E5 83CE7E48 4 Bytes [D0, 46, A1, 89]
     ? System32\Drivers\spjr.sys The system cannot find the path specified. !
     .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x89D98000, 0x4036D, 0xE8000020]
     .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x89DE1000, 0x510, 0x40000040]
     .text USBPORT.SYS!DllUnload 89F5441B 5 Bytes JMP 879721D8
     ? win32k.sys:1 The system cannot find the file specified. !
     ? win32k.sys:2 The system cannot find the file specified. !

     ---- User code sections - GMER 1.0.15 ----

     .text C:\Program Files\Spyware Doctor\pctsSvc.exe[1028] kernel32.dll!CreateThread + 1A 75D4C928 4 Bytes CALL 0044BC05 C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools Security Service/PC Tools)
     .text C:\Program Files\Spyware Doctor\pctsSvc.exe[1028] GDI32.dll!GetObjectA + C5 76518726 7 Bytes CALL 35672DDE \\?\globalroot\Device\__max++>\690A0984.x86.dll
     .text C:\Program Files\Spyware Doctor\pctsSvc.exe[1028] GDI32.dll!GdiIsPlayMetafileDC + D4 76520D68 7 Bytes CALL 35672DC2 \\?\globalroot\Device\__max++>\690A0984.x86.dll
     .text C:\Program Files\Spyware Doctor\pctsSvc.exe[1028] USER32.dll!GetParent + 11F 75BE91C9 7 Bytes CALL 35672D96 \\?\globalroot\Device\__max++>\690A0984.x86.dll

     ---- EOF - GMER 1.0.15 ----
  6. Sorry, but I can't get that GMER report because every time I start it it blue screens. I've tried doing it in safe mode and everything but the same thing keeps happening.
  7. OTL logfile created on: 8/5/2010 8:08:41 PM - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Matt\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy 2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 21.00% Memory free 4.00 Gb Paging File | 2.00 Gb Available in Paging File | 44.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55.66 Gb Total Space | 6.03 Gb Free Space | 10.84% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 54.66 Gb Total Space | 42.01 Gb Free Space | 76.87% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MARIEWOODWAR-PC Current User Name: Matt Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/08/05 20:07:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Downloads\OTL.exe PRC - [2010/08/05 17:25:04 | 000,047,616 | ---- | M] () -- C:\Users\Matt\Downloads\Win32kDiag.exe PRC - [2010/07/31 21:08:41 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe PRC - [2010/07/31 21:08:11 | 003,101,648 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsGui.exe PRC - [2010/07/22 23:02:16 | 000,945,720 | ---- | M] (Google Inc.) 
-- C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/06/28 21:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/04/16 09:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe PRC - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe PRC - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009/08/18 12:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009/08/16 18:04:42 | 001,037,312 | ---- | M] () -- C:\Program Files\WinRAR\WinRAR.exe PRC - [2009/07/29 16:52:10 | 001,024,512 | ---- | M] (Spigot, Inc.) 
-- C:\Program Files\Dealio Toolbar\SearchSettings.exe PRC - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/12/13 18:15:26 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2008/10/02 01:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFCE.EXE PRC - [2008/09/19 08:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe PRC - [2008/09/19 04:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2008/05/30 23:09:46 | 000,731,136 | ---- | M] () -- C:\Users\Matt\AppData\Local\Temp\Rar$EX00.961\avenger.exe PRC - [2008/05/21 12:32:22 | 000,368,640 | ---- | M] (Entriq, Inc.) -- C:\Program Files\Entriq\MediaSphere\EntriqMediaTray.exe PRC - [2008/05/21 12:29:30 | 001,404,928 | ---- | M] (Entriq, Inc.) -- C:\Program Files\Entriq\MediaSphere\3.8.2.9\EntriqMediaServer.exe PRC - [2008/01/29 18:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/01/29 17:00:40 | 000,430,080 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2008/01/25 13:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe PRC - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) 
-- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe PRC - [2008/01/22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2008/01/22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2008/01/21 17:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008/01/21 03:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008/01/21 03:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe PRC - [2008/01/17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe PRC - [2008/01/09 15:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2007/12/25 14:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe PRC - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007/11/15 20:15:16 | 000,251,216 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcsvrcnt.exe PRC - [2007/11/13 14:16:26 | 000,359,248 | ---- | M] (McAfee, Inc.) 
-- c:\Program Files\McAfee\MSC\mcupdui.exe PRC - [2007/10/25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007/08/24 05:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe PRC - [2007/08/15 13:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe PRC - [2007/08/03 23:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2007/07/25 02:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe PRC - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe PRC - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe PRC - [2007/07/13 08:14:56 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe PRC - [2007/07/10 10:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe PRC - [2007/06/18 11:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe PRC - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2002/01/09 21:53:14 | 000,200,704 | ---- | M] (FUJI PHOTO FILM CO., LTD.) 
-- C:\Program Files\FinePixViewer\QuickDCF.exe ========== Modules (SafeList) ========== MOD - [2010/08/05 20:07:30 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Downloads\OTL.exe MOD - [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll MOD - [2009/04/11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/04/16 09:33:40 | 000,144,672 | ---- | M] (Apple Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService) SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/08/18 12:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/05/19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2008/12/13 18:15:26 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/09/19 04:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc) SRV - [2008/01/21 17:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2007/12/25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007/11/21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2007/08/24 05:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service) SRV - [2007/08/15 13:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy) SRV - [2007/07/25 03:16:16 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2007/07/25 02:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon) SRV - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) 
[unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2006/08/23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2010/07/31 21:06:53 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2010/06/28 21:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/06/28 21:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/06/28 21:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/06/28 21:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2010/06/28 21:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- 
C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/09/26 17:04:01 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/08/05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2008/12/13 18:15:26 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2008/01/30 11:34:20 | 002,058,528 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/01/21 16:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel® DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/12/28 19:21:54 | 000,104,448 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007/12/17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007/12/06 18:12:48 | 000,196,400 | ---- | M] (Synaptics, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007/11/01 00:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2007/11/01 00:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2007/11/01 00:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2007/10/17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007/09/13 14:23:50 | 001,925,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2007/07/24 13:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2007/07/24 08:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2007/07/21 10:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2007/07/21 10:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2007/07/21 10:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2007/07/13 10:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP) DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem) DRV - [2007/05/02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2006/11/20 15:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006/04/17 17:54:12 | 000,014,336 | ---- | M] (YAMAHA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ymidusb.sys -- (YMIDUSB) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pctools.com/mrc/fix_homepage/ IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com?o=14986&l=dis IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) 
IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q=" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:1.5.41.0 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/01 16:47:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/09 16:19:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/26 23:02:38 | 000,000,000 | ---D | M] [2008/09/05 03:02:06 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Mozilla\Extensions [2010/01/18 07:51:07 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\6el05x1w.default\extensions [2008/12/20 15:56:03 | 000,000,000 | ---D | M] (Freecorder Toolbar) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\6el05x1w.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612} [2009/12/30 18:29:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\6el05x1w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/01/01 13:52:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009/12/14 22:45:54 | 000,000,000 | ---D | M] -- 
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.) 
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Dealio Toolbar\SearchSettings.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\..\Toolbar\ShellBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\tbFre0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) 
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media) O4 - HKLM..\Run: [five Media Manager Tray] C:\Program Files\Entriq\MediaSphere\EntriqMediaTray.exe (Entriq, Inc.) O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [searchSettings] C:\Program Files\Dealio Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.) O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (Google Inc.) 
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe File not found O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [EPSON SX410 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe File not found O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe File not found O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1001..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe () O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe () O4 - HKU\S-1-5-21-2715345812-3964575429-2910891508-1006..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\Marie Woodward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe () O4 - Startup: C:\Users\Marie Woodward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 
Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Marie Woodward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\New TabNew Tab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O4 - Startup: C:\Users\postgres.MarieWoodwar-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O9 - 
Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...NPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg O24 - Desktop BackupWallPaper: 
C:\Windows\Web\Wallpaper\img25.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{de9acd0c-5b68-11dd-9da0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{de9acd0c-5b68-11dd-9da0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\EPSETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/03 22:00:13 | 000,000,000 | ---D | C] -- C:\Users\Matt\Desktop\New Folder (3)
[2010/08/03 21:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010/08/03 21:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/08/03 21:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\FileCure
[2010/08/03 21:53:39 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2010/08/03 21:10:27 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/08/03 21:10:27 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/08/03 21:10:26 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/08/03 21:10:25 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/08/03 21:10:23 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/08/03 21:09:00 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/08/03 21:09:00 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/08/03 21:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/03 21:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/07/31 13:05:59 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/07/26 22:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\FunWebProducts
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/05 20:17:01 | 002,883,584 | -HS- | M] () -- C:\Users\Matt\ntuser.dat
[2010/08/05 20:14:00 | 000,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3DDA16E2-04A5-4AA7-8678-4F73B028CCF3}.job
[2010/08/05 20:13:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2AE47DC0-93AC-4E5A-A3D8-796594BCC1FB}.job
[2010/08/05 20:10:00 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2715345812-3964575429-2910891508-1000UA.job
[2010/08/05 20:03:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/05 20:03:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/05 20:02:34 | 000,023,365 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010/08/05 20:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/05 19:39:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2715345812-3964575429-2910891508-1001UA.job
[2010/08/05 18:00:00 | 000,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010/08/05 17:00:36 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/05 17:00:36 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2010/08/05 17:00:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/05 17:00:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/05 17:00:00 | 000,000,000 | ---- | M] () -- C:\Windows\win32k.sys
[2010/08/05 16:59:51 | 2136,956,928 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/03 22:14:21 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/03 22:14:20 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\FileCure Default.job
[2010/08/03 21:53:40 | 000,000,947 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic FileCure.lnk
[2010/08/03 21:53:40 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic FileCure.lnk
[2010/08/03 21:35:27 | 000,524,288 | -HS- | M] () -- C:\Users\Matt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/03 21:35:27 | 000,065,536 | -HS- | M] () -- C:\Users\Matt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/03 21:30:37 | 003,842,391 | -H-- | M] () -- C:\Users\Matt\AppData\Local\IconCache.db
[2010/08/03 21:10:28 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/08/03 21:10:23 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/03 20:56:45 | 000,002,042 | ---- | M] () -- C:\Users\Matt\Desktop\Google Chrome.lnk
[2010/08/02 11:10:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2715345812-3964575429-2910891508-1000Core.job
[2010/08/01 03:00:17 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010/08/01 03:00:17 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010/08/01 00:01:18 | 280,987,269 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/07/31 21:06:54 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/07/31 21:06:53 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/07/31 13:05:48 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/07/31 11:53:54 | 000,002,317 | ---- | M] () -- C:\Users\Public\Desktop\Wireless Guide.lnk
[2010/07/31 10:39:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2715345812-3964575429-2910891508-1001Core.job
[2010/07/28 18:00:00 | 000,000,556 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Matt.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/05 16:59:35 | 2136,956,928 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/03 21:54:41 | 000,000,442 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010/08/03 21:53:43 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\FileCure Startup.job
[2010/08/03 21:53:42 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\FileCure Default.job
[2010/08/03 21:53:41 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2010/08/03 21:53:40 | 000,000,947 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\ParetoLogic FileCure.lnk
[2010/08/03 21:53:40 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\ParetoLogic FileCure.lnk
[2010/08/03 21:10:28 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/31 13:05:59 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/07/31 13:05:52 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/07/31 13:05:42 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/03/20 01:43:33 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/10/25 01:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\win32k.sys
[2009/09/26 17:04:01 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/17 09:50:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/22 09:18:08 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/07/22 09:18:08 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/06/13 14:50:46 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/06/07 15:56:34 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2009/06/07 15:56:34 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2008/02/26 17:54:05 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/26 12:17:33 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/26 12:17:33 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/26 12:17:33 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/26 12:17:33 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/26 12:17:33 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/26 12:17:33 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/02/26 11:34:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/26 11:33:15 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2008/02/26 11:33:14 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/26 11:33:14 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/02/26 11:33:14 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/01/28 18:01:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/01/28 18:01:06 | 000,471,040 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/01/28 17:53:02 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/01/28 17:53:02 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/01/28 17:53:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/01/28 17:52:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/10/04 19:33:10 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2007/10/04 19:33:10 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2007/09/28 18:56:22 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/28 18:53:06 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:43:04 | 000,061,952 | ---- | C] () -- C:\Windows\System32\logevent.dll
[2006/11/02 09:43:04 | 000,061,952 | ---- | C] () -- C:\Windows\System32\cngaudit.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002/06/06 03:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\System32\asutl8.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:B0A96209
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8DFBBD8E

< End of report >

OTL Extras logfile created on: 8/5/2010 8:08:41 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Matt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 21.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 44.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.66 Gb Total Space | 6.03 Gb Free Space | 10.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 54.66 Gb Total Space | 42.01 Gb Free Space | 76.87% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIEWOODWAR-PC
Current User Name: Matt
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2715345812-3964575429-2910891508-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\FileCure\FileCure_noapp.exe %1 (ParetoLogic)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E6A7DD8-FB8E-4009-9CCE-766CC8F07CF3}" = rport=138 | protocol=17 | dir=out | app=system |
"{2BD50796-D145-4F2D-8991-6EA21A1C61F8}" = rport=445 | protocol=6 | dir=out | app=system | "{327359BE-3840-4C20-82B4-06C2FB0C7E8C}" = lport=139 | protocol=6 | dir=in | app=system | "{50522C50-926D-4A13-9BE4-D09C060D8BA1}" = rport=137 | protocol=17 | dir=out | app=system | "{7F90C506-BD3C-4C09-9100-C5414978CE10}" = rport=139 | protocol=6 | dir=out | app=system | "{80AD7945-4680-477F-B6A4-C16C8F734300}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{AAE1D07E-9179-423D-B970-E8740718CF14}" = lport=138 | protocol=17 | dir=in | app=system | "{AB7C0A08-118E-4505-8120-C34D0CEF9FFE}" = lport=2869 | protocol=6 | dir=in | app=system | "{B367D034-9D4F-4457-8B47-FA522FDBD2A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EDFEDE5E-0A36-474D-A31D-52BBA88E0637}" = lport=137 | protocol=17 | dir=in | app=system | "{F0A55D3E-6B1C-4BF0-93AD-8FD0B0D1F3BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F8A3B1EB-7446-4A86-8578-29A81ABC83F9}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09C75EAC-B1D6-468A-82B5-F2C9B43C6145}" = protocol=6 | dir=in | app=c:\program files\tournament indicator\indicator.exe | "{0E7A2061-78EB-4E6A-A1EB-E49DD96499CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1480E180-E0D3-4EB8-938B-B016A7F4B6A9}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe | "{19FA041F-4AE9-4B1B-B567-4366934BF38D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{269D9A50-12AE-4A61-AA3A-C541593F8347}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{57180817-9FF3-444D-8FA9-29035755FA2F}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{6AB143C3-1E94-4F43-B7E2-DCFE5329974B}" = protocol=58 | dir=in | 
  8. My laptop is infected with a trojan according to Spyware Doctor, and it keeps crashing (blue screen) when I try to fix it with SD and sometimes just randomly. The file location is \\?\GLOBALROOT\DEVICE\_MAX++>\42873245.X86.DLI I've tried downloading Avast to run a boot-time scan, but it seems the virus has corrupted it because it didn't run the boot-time scan, and now when I load it up it says it is 'unsecured' and nothing happens when I click fix. I've also run win32kdiag, but that stops when it reads 'cannot acces: C:Windows etc etc'. As you may have guessed, I have no idea what I'm doing and only tried the above because I read some of the solutions for similar problems on the forum. Any help would be hugely appreciated. Thanks