Antivirus Suite Aftermath


Our computer recently became infected with Antivirus Suite. I am running Windows XP on a laptop via integrated wireless connection.

Originally I had disabled the AV Suite pop-ups by hitting "end process" in the Windows Task Manager on a file installed by AV Suite. Norton still did not detect any viruses, etc. I then attempted running Norton after restarting Windows with a diagnostic startup via MSCONFIG. Again, Norton did not detect anything. Windows was eventually returned to normal startup mode via MSCONFIG.

I proceeded to restart Windows in SAFE mode and scan with Norton. Norton was able to identify/remove 4 threats.

Here is where things got bad.

After I restarted Windows in NORMAL (not safe) mode, I noticed a number of things had changed. First, the normally green-colored "start" button in the bottom left corner was now gray, smaller, and using a different font. In fact, the Windows font had been changed in numerous different places and the top border colors on windows were changed to a flat grey. Second, I noticed that even though MSCONFIG was running in normal (not diagnostic or selective) startup mode, there were only a few programs running in startup (the box in the bottom-right corner).

(1) There were no icons or programs dealing with internet connection, or signal strength, or anything dealing with my laptop's internal wireless system ("wireless network connection"). Needless to say, I have lost all internet connection ability. In Internet Explorer, hitting "diagnose connection problems" returns an error message to the effect that no device is assigned to the program and/or no device can be found.

(2) There is NOTHING listed in the Windows hardware Device Manager.

(3) Some programs, like Microsoft Word and Sonic RecordNow, still open and function normally.

(4) My printer is not functioning and, along with thumb drives, will not be recognized when powered and connected via USB; however, the mouse and keyboards (also attached via USB) work fine.

(5) Norton antivirus will run a full system scan during safe mode only, but won't even initialize during normal startup.

After doing some research I located Malwarebytes and ran the free version via directions listed here:

http://forums.malwarebytes.org/index.php?showtopic=53741

Please note that...

(1) Presumably due to my internet issues, I was NOT able to update the malware definitions, even after adjusting the proxy settings according to directions. I repeatedly received an error when hitting the update button that stated the following:

MBAM_ERROR_UPDATING (12007, 0, WinHttpoSendRequest)

(2) Without updating, I was still able to eliminate about 63 malware threats (4-5 of which had names relating to the AV suite, the remainder being adware).

(3) I have since downloaded and updated definitions via "manual update".

(4) I have since undergone the process for the "I'm infected what do I do now" post. Files are attached.

Even after going through all of these steps, my desktop / internet connections / hardware task manager / USB connection functionality still look exactly the same. I am fearful that AV Suite has already done damage that will require replacement of my computer.

Without internet connection, I have to search for solutions via work computers and transfer files to my laptop. I have no idea what to do now.

PLEASE HELP! Is there any fix to this?

Attach.zip

DDS.txt

mbam_log_2010_06_27__17_25_03_.txt


Hello,

My name is Elise and I'll be glad to help you with your computer problems.

I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.

  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications.

-----------------------------------------------------------

COMBOFIX

---------------

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


I have attached ComboFix.txt

Please note that due to my inability to connect to the internet on the infected computer, I was unable to download the Microsoft Recovery Console (which apparently prevents combofix's effectiveness). If you know of a link to download Microsoft Recovery Console, please let me know and I can download the file on this computer, transfer it via CDR, and then re-run the program with it installed.

After running combofix, a (red shield) Windows Security Alerts icon pops up in the bottom-right corner of the screen warning that I have no firewall/protection enabled. This was not present before combofix. It is the only thing that seems to have changed, but it is also the first improvement I've had since attempting to fix this thing.

Thanks, and please advise

ComboFix.txt


Hello again,

Please run the following script and let me know if internet connectivity is restored afterwards. If not, please let me know how you are connected to the internet.

CF-SCRIPT

-------------

We need to execute a CF-script.

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:

DDs::
uInternet Settings,ProxyServer = http=127.0.0.1:5555

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


I did as instructed and have attached the new combofix log.

My internet connection was not fixed (neither before the scan when combofix attempted to download Microsoft Recovery Console, nor after the scan post-restart).

The infected computer usually connects to the internet via wireless connection, however, as noted above the bottom-right corner of windows does not even list the "Wireless Internet Connection" Icon.

Please note that our internet connection is otherwise working fine. In fact, the computer from which I am writing is currently connected to the wireless router and functioning normally.

Thanks for the continuing assistance. Please advise.

ComboFix.txt


Let's check a few things here:

Click Start > Control Panel, and double-click on Network Connections. Let me know if your connection is listed there and if so, let me know what its status is (i.e., enabled, disabled, acquiring network access...). Try to right click on it and select Repair. Let me know what comes back.


Very strange; let's see if we can find out a bit more about it.

OTL

-----

Please download OTL from one of the following mirrors:

  • Save it to your desktop.
  • Double click on the otlDesktopIcon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the runscanbutton.png button.
  • Two reports will open, copy and paste them in a reply here:
      • OTListIt.txt <-- Will be opened
      • Extra.txt <-- Will be minimized


OTL logfile created on: 7/2/2010 5:44:05 PM - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Andy Pulver\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.47 Gb Total Space | 9.98 Gb Free Space | 13.96% Space Free | Partition Type: NTFS

Drive D: | 0.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: PULVER

Current User Name: Andy Pulver

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/02 10:39:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy Pulver\Desktop\OTL.exe

PRC - [2008/09/25 06:56:41 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/02/19 09:07:06 | 000,502,800 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe

PRC - [2008/02/09 17:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

PRC - [2008/02/05 15:29:20 | 000,054,512 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe

PRC - [2007/11/28 20:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

PRC - [2005/10/31 11:18:48 | 000,101,888 | ---- | M] (Walt Disney Internet Group) -- C:\Program Files\ESPNRunTime\DIGServices.exe

PRC - [2005/10/31 11:05:44 | 000,278,528 | ---- | M] (Walt Disney Internet Group) -- C:\Program Files\DIGStream\digstream.exe

PRC - [2004/09/13 09:33:20 | 000,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe

PRC - [2004/08/19 07:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe

PRC - [2004/07/26 14:04:38 | 000,098,304 | ---- | M] (Saitek) -- C:\Program Files\Saitek\Software\SaiSmart.exe

PRC - [2004/06/22 08:05:02 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpztsb10.exe

PRC - [2004/04/09 13:54:44 | 000,163,840 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe

PRC - [2004/04/08 20:23:40 | 000,561,213 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\Dell\Bluetooth Software\BTTray.exe

PRC - [2004/01/06 23:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe

PRC - [2003/10/29 00:06:00 | 000,024,576 | R--- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe

PRC - [2003/06/25 11:24:48 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe

PRC - [2003/05/14 16:37:56 | 000,098,304 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SYSTEM32\BacsTray.exe

========== Modules (SafeList) ==========

MOD - [2010/07/02 10:39:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy Pulver\Desktop\OTL.exe

MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (hpdj)

SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2009/08/22 00:21:19 | 000,117,640 | R--- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)

SRV - [2008/08/04 11:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)

SRV - [2008/02/09 17:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)

SRV - [2007/11/28 20:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)

SRV - [2007/01/19 13:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)

SRV - [2004/04/09 13:54:44 | 000,163,840 | ---- | M] (WIDCOMM, Inc.) [Auto | Running] -- C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe -- (btwdins)

========== Driver Services (SafeList) ==========

DRV - [2010/05/28 12:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100617.005\IDSXpx86.sys -- (IDSxpx86)

DRV - [2010/05/27 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2010/05/27 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010/05/10 01:00:00 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100621.022\NAVEX15.SYS -- (NAVEX15)

DRV - [2010/05/10 01:00:00 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100621.022\NAVENG.SYS -- (NAVENG)

DRV - [2010/02/03 20:11:15 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\ccHPx86.sys -- (ccHP)

DRV - [2009/09/08 21:49:16 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)

DRV - [2009/08/22 00:21:19 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1008000.029\SYMEFA.SYS -- (SymEFA)

DRV - [2009/08/22 00:21:19 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SRTSP.SYS -- (SRTSP)

DRV - [2009/08/22 00:21:19 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\BHDrvx86.sys -- (BHDrvx86)

DRV - [2009/08/22 00:21:19 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMTDI.SYS -- (SYMTDI)

DRV - [2009/08/22 00:21:19 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMFW.SYS -- (SYMFW)

DRV - [2009/08/22 00:21:19 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1008000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2009/08/22 00:21:19 | 000,036,400 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMNDIS.SYS -- (SYMNDIS)

DRV - [2009/08/22 00:21:19 | 000,033,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1008000.029\SYMIDS.SYS -- (SYMIDS)

DRV - [2009/08/22 00:21:06 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIMMP)

DRV - [2009/08/22 00:21:06 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SymIM.sys -- (SymIM)

DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2006/05/03 09:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)

DRV - [2005/09/26 05:32:53 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcstrm.sys -- (MCSTRM)

DRV - [2005/09/16 14:26:09 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)

DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DPV.SYS -- (HSF_DPV)

DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWICH.sys -- (HSFHWICH)

DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)

DRV - [2004/12/01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)

DRV - [2004/11/23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)

DRV - [2004/11/16 08:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Apfiltr.sys -- (ApfiltrService)

DRV - [2004/11/16 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)

DRV - [2004/11/16 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)

DRV - [2004/11/16 01:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)

DRV - [2004/11/16 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)

DRV - [2004/11/16 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)

DRV - [2004/11/16 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)

DRV - [2004/11/16 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)

DRV - [2004/11/16 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)

DRV - [2004/11/16 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)

DRV - [2004/11/15 16:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\stac97.sys -- (STAC97) Audio Driver (WDM)

DRV - [2004/08/03 20:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)

DRV - [2004/07/26 13:54:48 | 000,056,576 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiH053c.sys -- (SaiH053c)

DRV - [2004/07/26 13:54:14 | 000,026,752 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiNtBus.sys -- (SaiNtBus)

DRV - [2004/07/26 13:54:14 | 000,015,616 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SaiMini.sys -- (SaiMini)

DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)

DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)

DRV - [2004/06/30 08:39:36 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)

DRV - [2004/04/08 19:48:22 | 000,016,896 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\btaudio.sys -- (btaudio)

DRV - [2004/04/08 19:41:50 | 001,239,338 | ---- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)

DRV - [2004/04/08 19:34:44 | 000,030,235 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\btport.sys -- (BTDriver)

DRV - [2004/04/08 19:25:00 | 000,053,336 | ---- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\btwusb.sys -- (BTWUSB)

DRV - [2004/03/29 17:28:24 | 000,014,531 | ---- | M] (iRiver, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ifp800.sys -- (IFP800)

DRV - [2004/02/20 14:13:50 | 000,312,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMWL5.SYS -- (BCM43XX)

DRV - [2004/02/20 13:31:30 | 000,012,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\DELL\Drivers\R87747\ATIXPGAA.SYS -- (ATIXPGAA)

DRV - [2004/02/13 08:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)

DRV - [2003/11/13 16:17:00 | 001,042,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)

DRV - [2003/05/21 15:47:12 | 000,175,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)

DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)

DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)

DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)

DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)

DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)

DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)

DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)

DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)

DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)

DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)

DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)

DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)

DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)

DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/04/24 12:35:59 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2010/07/01 18:01:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.

O3 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [bacstray] C:\WINDOWS\System32\BacsTray.exe (Broadcom Corporation)

O4 - HKLM..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe (Walt Disney Internet Group)

O4 - HKLM..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe (Walt Disney Internet Group)

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe (Hewlett-Packard)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpztsb10.exe (HP)

O4 - HKLM..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe (Saitek)

O4 - HKLM..\Run: [saiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe (Saitek)

O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)

O4 - HKLM..\Run: [updateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)

O4 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006..\Run: [MoneyInsights] C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe (Microsoft® Corporation)

O4 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006..\Run: [TCOYFReminder] C:\Program Files\TCOYF\tcoyftray.exe (Ovusoft, LLC)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe File not found

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk = C:\Program Files\Dell\Bluetooth Software\BTTray.exe (WIDCOMM, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe (Yahoo! Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm ()

O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe File not found

O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-4063700298-1993143524-3490183359-1006\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9...heckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} http://www.costcophotocenter.com/upload/ac...veX_Control.cab (Photo Upload Plugin Class)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.mpix.com/customer/uploading/act...geUploader5.cab (Image Uploader Control)

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (System Requirements Lab Class)

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1144890235671 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab (GMNRev Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterfly.com/downloads/Uploader.cab (Shutterfly Picture Upload Plugin)

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} http://h20264.www2.hp.com/ediags/dd/instal...nosticsxp2k.cab (DDRevision Class)

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx (Get_ActiveX Control)

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab (Reg Error: Key error.)

O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} http://www.systemrequirementslab.com/sysreqlab.cab (System Requirements Lab Class)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} http://www.costcophotocenter.com/upload/ac...veX_Control.cab (Photo Upload Plugin Class)

O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)

O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\SYSTEM32\BTXPPanel.dll (WIDCOMM, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/02 17:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\Fix 7-2

[2010/07/02 17:43:28 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andy Pulver\Desktop\OTL.exe

[2010/07/01 18:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\Fix 7-1

[2010/07/01 18:03:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp

[2010/07/01 17:50:55 | 000,000,000 | ---D | C] -- C:\ComboFix

[2010/06/30 18:32:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/06/30 18:32:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/06/30 18:32:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/06/30 18:32:02 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/06/30 18:31:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/06/30 18:31:07 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/06/30 18:30:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\Fix 6-30

[2010/06/28 05:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\attachments to post

[2010/06/28 05:51:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\attachments to zip

[2010/06/28 05:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\defogger

[2010/06/22 19:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Application Data\Malwarebytes

[2010/06/22 19:08:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/06/22 19:08:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/06/22 19:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/06/22 19:08:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/06/21 17:26:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andy Pulver\Desktop\New Folder

[2010/06/19 16:20:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Support

[2010/06/09 15:11:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[9 C:\Documents and Settings\Andy Pulver\My Documents\*.tmp files -> C:\Documents and Settings\Andy Pulver\My Documents\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/02 17:42:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL

[2010/07/02 17:39:32 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2010/07/02 17:39:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT

[2010/07/02 17:39:07 | 2146,725,888 | -HS- | M] () -- C:\hiberfil.sys

[2010/07/02 10:39:51 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andy Pulver\Desktop\OTL.exe

[2010/07/02 07:02:00 | 007,864,320 | -H-- | M] () -- C:\Documents and Settings\Andy Pulver\NTUSER.DAT

[2010/07/02 07:02:00 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Andy Pulver\NTUSER.INI

[2010/07/02 07:01:55 | 006,430,432 | -H-- | M] () -- C:\Documents and Settings\Andy Pulver\Local Settings\Application Data\IconCache.db

[2010/07/01 18:02:06 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/07/01 18:01:58 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts

[2010/06/28 05:47:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\defogger_reenable

[2010/06/23 14:51:04 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\Desktop\7llv1cx5.exe

[2010/06/23 14:50:40 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\Desktop\dds.scr

[2010/06/22 19:35:11 | 000,000,603 | ---- | M] () -- C:\WINDOWS\WIN.INI

[2010/06/22 19:35:11 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI

[2010/06/21 18:21:31 | 000,001,100 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat

[2010/06/21 17:47:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/06/21 17:45:40 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/06/21 11:17:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4063700298-1993143524-3490183359-1006UA.job

[2010/06/21 01:57:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/06/20 13:17:00 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4063700298-1993143524-3490183359-1006Core.job

[2010/06/19 09:23:06 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2010/06/19 08:32:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm

[2010/06/19 08:32:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm

[2010/06/18 17:38:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm

[2010/06/18 17:38:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm

[2010/06/18 09:19:58 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jens shower to do list.doc

[2010/06/18 09:19:55 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\JENS BABY SHOWER GIFT LIST.doc

[2010/06/17 19:23:10 | 010,649,600 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily.mny

[2010/06/17 19:23:10 | 000,000,384 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily.lrd

[2010/06/17 19:23:06 | 010,558,351 | R--- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-17_192303.mbf

[2010/06/17 19:18:35 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Birthday party guest list.doc

[2010/06/16 13:32:53 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Sleeper Game.doc

[2010/06/16 09:45:07 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen's baby shower.doc

[2010/06/15 18:14:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm

[2010/06/15 18:14:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm

[2010/06/15 18:09:13 | 010,283,847 | R--- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-15_180910.mbf

[2010/06/15 17:44:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm

[2010/06/15 17:44:02 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm

[2010/06/15 15:13:18 | 010,197,815 | R--- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-15_151314.mbf

[2010/06/15 13:14:59 | 000,243,417 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\Desktop\Door Sign001.jpg

[2010/06/15 07:12:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm

[2010/06/15 07:12:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm

[2010/06/14 06:48:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm

[2010/06/14 06:48:29 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm

[2010/06/13 19:37:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm

[2010/06/13 19:37:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm

[2010/06/12 20:07:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2010/06/12 20:07:07 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm

[2010/06/11 18:12:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2010/06/11 18:12:48 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm

[2010/06/10 21:21:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2010/06/10 21:21:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm

[2010/06/10 19:12:38 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/06/10 19:03:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2010/06/10 19:03:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm

[2010/06/10 18:39:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2010/06/10 18:39:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm

[2010/06/10 15:51:59 | 000,445,608 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT

[2010/06/10 15:51:59 | 000,072,774 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT

[2010/06/10 15:51:58 | 000,525,094 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/06/10 13:01:39 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/06/10 08:15:54 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010/06/10 07:43:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2010/06/10 07:43:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm

[2010/06/09 18:17:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2010/06/09 18:17:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm

[2010/06/09 07:12:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2010/06/09 07:12:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm

[2010/06/07 10:32:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm

[2010/06/07 10:32:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2010/06/06 14:51:13 | 000,392,704 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen baby shower return address labels.doc

[2010/06/06 14:48:29 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen's baby shower address lables.doc

[2010/06/06 14:39:11 | 000,045,056 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Birthday party gift list.doc

[2010/06/06 14:38:26 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Birthday party address labels.doc

[2010/06/05 23:51:44 | 000,245,760 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\birthday party return address labels.doc

[2010/06/05 15:17:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm

[2010/06/05 15:17:29 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm

[2010/06/04 19:32:38 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen is registered at Babies.doc

[2010/06/04 19:06:54 | 000,166,912 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen is registered at.doc

[2010/06/04 15:02:14 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jens shower guest list.doc

[2010/06/04 13:22:05 | 000,226,728 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid

[2010/06/02 18:48:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm

[2010/06/02 18:48:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm

[9 C:\Documents and Settings\Andy Pulver\My Documents\*.tmp files -> C:\Documents and Settings\Andy Pulver\My Documents\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/30 18:32:02 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/06/30 18:32:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/06/30 18:32:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/06/30 18:32:02 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/06/30 18:32:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/06/28 05:47:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\defogger_reenable

[2010/06/24 17:29:09 | 2146,725,888 | -HS- | C] () -- C:\hiberfil.sys

[2010/06/23 17:52:30 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\Desktop\dds.scr

[2010/06/23 17:52:30 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\Desktop\7llv1cx5.exe

[2010/06/22 19:35:11 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

[2010/06/22 19:35:11 | 000,000,918 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk

[2010/06/22 19:35:11 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk

[2010/06/22 19:35:11 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

[2010/06/17 19:23:05 | 010,558,351 | R--- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-17_192303.mbf

[2010/06/16 13:32:53 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Sleeper Game.doc

[2010/06/15 18:09:11 | 010,283,847 | R--- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-15_180910.mbf

[2010/06/15 15:13:18 | 010,197,815 | R--- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily Backup_2010-06-15_151314.mbf

[2010/06/15 13:15:11 | 000,243,417 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\Desktop\Door Sign001.jpg

[2010/06/14 22:23:03 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jens shower to do list.doc

[2010/06/14 20:32:19 | 000,000,384 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\PulverFamily.lrd

[2010/06/10 19:09:36 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/06/06 14:51:53 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\JENS BABY SHOWER GIFT LIST.doc

[2010/06/06 14:37:40 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Birthday party gift list.doc

[2010/06/05 23:32:51 | 000,245,760 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\birthday party return address labels.doc

[2010/06/04 19:32:38 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen is registered at Babies.doc

[2010/06/04 19:06:54 | 000,166,912 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen is registered at.doc

[2010/06/04 15:02:06 | 000,392,704 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen baby shower return address labels.doc

[2010/06/04 14:55:00 | 000,045,056 | ---- | C] () -- C:\Documents and Settings\Andy Pulver\My Documents\Jen's baby shower address lables.doc

[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2007/07/09 17:48:40 | 000,000,082 | ---- | C] () -- C:\WINDOWS\AW6.ini

[2007/07/06 13:33:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ESUtil.dll

[2006/12/03 19:15:27 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll

[2006/09/18 13:29:44 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006/03/31 12:00:35 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini

[2006/01/07 16:55:47 | 000,000,484 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2005/12/08 07:13:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\SAICFG.dll

[2005/12/07 12:00:02 | 000,205,824 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[2005/12/07 11:58:32 | 000,205,824 | ---- | C] () -- C:\WINDOWS\pw32a.dll

[2005/09/25 16:58:09 | 000,010,385 | ---- | C] () -- C:\WINDOWS\hpdj3600.ini

[2005/09/23 15:48:42 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini

[2005/09/16 14:40:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2005/09/16 14:32:33 | 000,000,264 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/09/16 14:29:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/09/16 13:54:54 | 000,000,515 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/03/09 21:02:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2004/09/15 19:49:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2004/08/11 15:25:56 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI

[2004/08/04 03:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI

[2004/04/08 20:03:24 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll

[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002/10/06 11:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll

[2002/10/04 16:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll

[2002/10/04 16:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll

[2002/10/04 16:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

[2002/05/15 21:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2001/11/23 16:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:02C77207

< End of report >

OTL Extras logfile created on: 7/2/2010 5:44:06 PM - Run 1

OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Andy Pulver\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free

4.00 Gb Paging File | 4.00 Gb Available in Paging File | 95.00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 71.47 Gb Total Space | 9.98 Gb Free Space | 13.96% Space Free | Partition Type: NTFS

Drive D: | 0.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: PULVER

Current User Name: Andy Pulver

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found

"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found

"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox -- (Yahoo! Inc.)

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}" = SST Programming Software

"{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch

"{072D2077-9E22-4F7F-B817-A92CA6CCC843}" = iriver Music Manager

"{093625E3-7B87-49D3-AA53-AD0FCFABAF49}" = Camera Window

"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager

"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE

"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA

"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!

"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 14

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1

"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page

"{3C69D304-9CAE-4D36-857D-63E990D90963}" = TheRecord Player

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5

"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36

"{4CCC7F68-A437-4559-A840-F5E010934951}" = HP Driver Diagnostics

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger

"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool

"{5D26966C-952F-49D9-9C91-07C4E8FAB252}" = PrintingPress

"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1

"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6BF19E39-2DE8-4D7D-8838-D8B6F873DF57}" = Deco

"{6E179C77-7335-458D-9537-4F4EAC0181ED}" = Photo Click

"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon

"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper

"{7F1B3341-A94E-4F5C-B587-CA0EB964221E}" = Microsoft Money Shared Libraries

"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder

"{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Advanced Control Suite

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90535871-81B9-4D99-8A13-A7EE97F2D7FE}" = Dell Bluetooth Software

"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003

"{91A5B6C0-EF4E-4830-AC7D-6761C0A9B292}" = hp deskjet 3600

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!

"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes

"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver

"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio

"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}" = Dell Media Experience

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support

"{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}" = RemoteCapture 2.7.0

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX

"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CAFECAFE-0013-0001-0122-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.22

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CDE4CC8B-134B-421E-943C-90799E56F664}" = Dell Media Experience Update

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect

"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)

"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox

"{EF0DD8B7-471C-463B-A298-6066C2FABAF5}" = File Viewer Utility 1.2

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth

"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = ATI - Software Uninstall Utility

"AppleWorks 6" = AppleWorks 6

"ATI Display Driver" = ATI Display Driver (Omega 3.8.252)

"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Utility

"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.92 Modem

"ComcastHSI" = Comcast High-Speed Internet Install Wizard

"Coupon Printer for Windows4.0" = Coupon Printer for Windows

"DellSupport" = Dell Support 5.0.0 (766)

"ESPN RunTime" = ESPN RunTime

"Google Updater" = Google Updater

"HP Photo & Imaging" = HP Image Zone 4.2

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1

"InstallShield_{093625E3-7B87-49D3-AA53-AD0FCFABAF49}" = Canon Camera Window for ZoomBrowser EX

"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!

"InstallShield_{3C69D304-9CAE-4D36-857D-63E990D90963}" = TheRecord Player

"InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}" = Broadcom Advanced Control Suite

"InstallShield_{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}" = Canon Utilities RemoteCapture 2.7

"InstallShield_{EF0DD8B7-471C-463B-A298-6066C2FABAF5}" = Canon Utilities File Viewer Utility 1.2

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Money2008b" = Microsoft Money Plus

"Move Networks Player_is1" = Move Networks Player for Internet Explorer

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NIS" = Norton Internet Security

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"oggcodecs" = oggcodecs 0.71.0946

"OggDS" = Direct Show Ogg Vorbis Filter (remove only)

"Oracle JInitiator 1.3.1.13" = Oracle JInitiator 1.3.1.13

"PhotoRecord" = Canon PhotoRecord

"Picasa 3" = Picasa 3

"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)

"Steam App 380" = Half-Life 2: Episode One

"StreetPlugin" = Learn2 Player (Uninstall Only)

"SystemRequirementsLab" = System Requirements Lab

"Taking Charge of Your Fertility Software" = Taking Charge of Your Fertility Software

"ViewpointMediaPlayer" = Viewpoint Media Player

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4063700298-1993143524-3490183359-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Steam App 1200" = Red Orchestra

"Steam App 1522" = Defcon Demo

"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 7/1/2010 8:44:07 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/1/2010 8:46:59 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/1/2010 8:49:26 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/1/2010 8:59:59 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/1/2010 9:16:22 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/1/2010 9:16:38 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/2/2010 9:59:59 AM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/2/2010 10:00:19 AM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/2/2010 8:39:28 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

Error - 7/2/2010 8:42:45 PM | Computer Name = PULVER | Source = Google Update | ID = 20

Description =

[ System Events ]

Error - 7/1/2010 8:44:07 PM | Computer Name = PULVER | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service SENS with arguments

"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 7/1/2010 8:44:07 PM | Computer Name = PULVER | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service SENS with arguments

"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 7/1/2010 8:44:07 PM | Computer Name = PULVER | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service SENS with arguments

"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001

Description = The Windows Audio service depends on the Plug and Play service which

failed to start because of the following error: %%1058

Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

to start because of the following error: %%1058

Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001

Description = The Fax service depends on the Plug and Play service which failed

to start because of the following error: %%1058

Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7000

Description = The hpdj service failed to start due to the following error: %%2

Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001

Description = The Windows Firewall/Internet Connection Sharing (ICS) service depends

on the Network Connections service which failed to start because of the following

error: %%1058

Error - 7/2/2010 9:59:51 AM | Computer Name = PULVER | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service netman with

arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 7/2/2010 9:59:52 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

atitray

< End of report >

Link to post
Share on other sites
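An added triage sketch, not part of the original thread or of OTL: it groups the System Events in the report above by the service that actually failed, so the services stopped with error 1058 (ERROR_SERVICE_DISABLED) stand apart from the ones that only depend on them. The function names `root_causes` and `disabled_services` are hypothetical, and the sample is constructed from the report's own lines.

```python
import re
from collections import defaultdict

# Constructed sample: System Events copied from the report above, blank lines dropped.
SAMPLE = '''\
Error - 7/1/2010 8:44:07 PM | Computer Name = PULVER | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service SENS with arguments
"" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001
Description = The Windows Audio service depends on the Plug and Play service which
failed to start because of the following error: %%1058
Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1058
Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001
Description = The Fax service depends on the Plug and Play service which failed
to start because of the following error: %%1058
Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7000
Description = The hpdj service failed to start due to the following error: %%2
Error - 7/2/2010 9:59:48 AM | Computer Name = PULVER | Source = Service Control Manager | ID = 7001
Description = The Windows Firewall/Internet Connection Sharing (ICS) service depends
on the Network Connections service which failed to start because of the following
error: %%1058
Error - 7/2/2010 9:59:51 AM | Computer Name = PULVER | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
'''

# One pattern per message shape in the report; "root" is the service that failed.
PATTERNS = [
    re.compile(r"The (?P<blocked>.+?) service depends on the (?P<root>.+?) service "
               r"which failed to start because of the following error: %%(?P<code>\d+)"),
    re.compile(r"The (?P<root>.+?) service failed to start due to the following error: %%(?P<code>\d+)"),
    re.compile(r'DCOM got error "%(?P<code>\d+)" attempting to start the service (?P<root>\S+)'),
]

def root_causes(report):
    """Map each failed service to (Win32 error code, services blocked by it)."""
    # Descriptions are wrapped across lines, so rebuild one string per record.
    found = defaultdict(lambda: {"code": None, "blocked": set()})
    for rec in re.split(r"(?m)^(?=Error - )", report):
        flat = " ".join(line.strip() for line in rec.splitlines() if line.strip())
        for pat in PATTERNS:
            m = pat.search(flat)
            if m:
                entry = found[m["root"]]
                entry["code"] = int(m["code"])
                if "blocked" in m.groupdict():
                    entry["blocked"].add(m["blocked"])
                break
    return {svc: (e["code"], sorted(e["blocked"])) for svc, e in found.items()}

def disabled_services(report):
    """Services that failed with 1058: disabled, or no enabled device attached."""
    return sorted(s for s, (code, _) in root_causes(report).items() if code == 1058)

if __name__ == "__main__":
    for svc, (code, blocked) in root_causes(SAMPLE).items():
        print(f"{svc}: error {code}, blocks {blocked or 'nothing listed'}")
```

On this sample the 1058 group is Plug and Play, Server, Network Connections, SENS and netman, which lines up with the empty Device Manager and missing network icons described at the top of the thread.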

I was really hopeful for this one, but unfortunately there is still no internet connection.

However, this step did make a "Safely Remove Hardware" icon reappear in the bottom-right corner of the screen, which is definitely an improvement.

Not sure if this is noteworthy, but in that same box while Windows loads on startup, occasionally icons will appear for just a split second and then disappear (oftentimes before I can even tell what it is). I have NOT seen any internet connection icon (wireless or otherwise) do this... they are mostly programs (such as HP's printing software updater).

Thanks for the continuing help. What should I try next?

Link to post
Share on other sites

Progress! But still no internet connection.

All of the icons in Network Connections have reappeared.

My wireless connection says "not connected" and the 1394 connection says "connected"

I right-click on the wireless connection, select repair, and it makes it all the way up until "connecting to the wireless network" where it thinks for a long period of time and then says it cannot connect.

I restarted our modem and wireless router, re-tried repair, with the same results.

Of note, I clicked "view wireless networks" and there are none listed (there are usually about ten)

Any ideas?

Link to post
Share on other sites

Let's see if we can get it to work altogether :)

Please click Start > Run, type service.msc and press enter. Scroll to the DHCP Service and verify it is set to Automated and Running. If not, start it.

Let me know what the status of the DHCP service is.

Link to post
Share on other sites

I take it that was already the case and did not fix the issue?

Please click Start > Run, type devmgmt.msc in the runbox and press enter.

Right-click on your Network Adapter and select Uninstall. Confirm and reboot your computer. The Network Adapter will now automatically be reinstalled.

Let me know if you are now able to connect.

Link to post
Share on other sites

Regarding my last reply, yes, that was already the case and did not fix the issue.

I have also uninstalled the network adaptor(s) and it is still not detecting any wireless networks.

To double-check that it wasn't my router, I used my work laptop (the functioning one) to search for wireless networks and was able to detect my home's wireless network.

Thanks for the continuing help.

Link to post
Share on other sites

My laptop is an old Dell XPS (gen 1?)... in order to manually activate the wireless network adaptor you press function + f2.

Currently hitting these keys does nothing regarding internet connections.

I'm not sure if there is another way to turn on my wireless adaptor via windows...

Link to post
Share on other sites

It is enabled (and has been)... to be sure I disabled/re-enabled my wireless card.

I tried to use Windows "Creating Network Connection" wizard... when I selected my wireless PCI card, the wizard informed me that "some network hardware is still disconnected." This seemed odd, since I uninstalled all network connections and then windows auto-installed them upon startup. I canceled the wizard at that point so that no changes were made. Not sure if this helps at all.

Link to post
Share on other sites

Okay here is what I've got, bear with me:

My laptop is equipped for bluetooth and there is an icon in the bottom-right corner that says "enable bluetooth radio". Although I don't know for sure, it seems to be connected to my wireless card.

When I first started my laptop, I could not enable the bluetooth, and it instructed me to press fn + f2. When I did this, I was able to successfully "enable bluetooth radio." Also, when I hit fn + f2 again, it turned off bluetooth radio.

In both situations -- when bluetooth (and presumably my wireless card) is enabled and disabled -- I cannot detect any wireless networks. I've looked all over the laptop and there does not appear to be any sliding switch or button (other than fn + f2) that would activate my wireless modem.

Also, I've searched my keyboard and the f2 key is the ONLY key with any sort of picture suggesting wireless connectivity (it has a picture of a radio tower on it)

It sure seems like I'm pressing the right buttons here to turn on my wireless connectivity... but every time I check, the laptop won't detect a single wireless network. Just before I got Antivirus Suite it could detect about 10 of them, including my personal wireless internet.

Any other suggestions?

Link to post
Share on other sites

This topic is now closed to further replies.