Jump to content

browser problem


jmr442

Recommended Posts

Lately when I am using either browser, IE8 or Chrome when I click a link it will give an error message in the form of a long URL in the body of the browser. So I followed the directions above and here I am posting the files, thanks for the help.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:02:51 AM, on 9/11/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe

O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -a

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [Google Update] "C:\Users\Jay Richards\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: bmnet.dll

O10 - Unknown file in Winsock LSP: bmnet.dll

O10 - Unknown file in Winsock LSP: bmnet.dll

O16 - DPF: Web-Based Email Tools - http://email04.secureserver.net/Download.CAB

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - SmithMicro Inc. - C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe

O23 - Service: AT&T Con App Svc (CAATT) - SmithMicro Inc. - C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: NeatWorks Database Controller (NeatWorksDatabaseController) - The Neat Company - C:\Program Files (x86)\NeatWorks\exec\NeatWorksDatabaseController.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12547 bytes

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4475

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

9/11/2010 6:53:07 AM

mbam-log-2010-09-11 (06-53-07).txt

Scan type: Quick scan

Objects scanned: 143356

Time elapsed: 8 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS (Ver_10-03-17.01) - NTFSX64

Run by Jay Richards at 6:23:53.34 on Sat 09/11/2010

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1473 [GMT -4:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

C:\Program Files (x86)\NeatWorks\exec\NeatWorksDatabaseController.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\SysWOW64\PnkBstrB.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\system32\svchost.exe -k netsvcs

c:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Windows\system32\taskhost.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Jay Richards\Desktop\dds (1).scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig

uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360310d535l04g4z1l5t4402x266

uSearch Bar =

mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360310d535l04g4z1l5t4402x266

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5532&r=27360310d535l04g4z1l5t4402x266

mLocal Page = c:\windows\syswow64\blank.htm

uInternet Settings,ProxyOverride = <local>

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll

uRun: [Google Update] "c:\users\jay richards\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [EgisTecLiveUpdate] "c:\program files (x86)\egistec egis software update\EgisUpdate.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [ArcadeDeluxeAgent] "c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\ArcadeDeluxeAgent.exe"

mRun: [PlayMovie] "c:\program files (x86)\acer arcade deluxe\playmovie\PMVService.exe"

mRun: [NortonOnlineBackupReminder] "c:\program files (x86)\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED

mRun: [LManager] c:\program files (x86)\launch manager\LManager.exe

mRun: [startCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [Acer Assist Launcher] c:\program files (x86)\acer\acer assist\launcher.exe

mRun: [<NO NAME>]

mRun: [AT&T Communication Manager] "c:\program files (x86)\at&t\communication manager\ATTCM.exe" -a

mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime

StartupFolder: c:\users\jayric~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files (x86)\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files (x86)\common files\intuit\quickbooks\qbupdate\qbupdate.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL

LSP: bmnet.dll

DPF: Web-Based Email Tools - hxxp://email04.secureserver.net/Download.CAB

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg64.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll

mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe

mRun-x64: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe

mRun-x64: [mwlDaemon] c:\program files (x86)\egistec\mywinlocker 3\x86\mwlDaemon.exe

mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun-x64: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-8-26 69152]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 173984]

R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 22576]

R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 20016]

R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-5 203264]

R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2009-11-5 844320]

R2 Greg_Service;GRegService;c:\program files (x86)\acer\registration\GregHSRW.exe [2009-8-28 1150496]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355928]

R2 MBAMService;MBAMService;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2010-6-5 304464]

R2 MWLService;MyWinLocker Service;c:\program files (x86)\egistec\mywinlocker 3\x86\MWLService.exe [2009-9-10 305448]

R2 NeatWorksDatabaseController;NeatWorks Database Controller;c:\program files (x86)\neatworks\exec\NeatWorksDatabaseController.exe [2010-3-1 351384]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2009-6-17 144640]

R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2009-11-5 240160]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x64.sys [2009-11-5 58880]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-5 24664]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 40832]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-1-29 34872]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]

S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-2 135664]

S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files (x86)\at&t\communication manager\RcAppSvc.exe [2008-11-20 113152]

S3 CAATT;AT&T Con App Svc;c:\program files (x86)\at&t\communication manager\ConAppsSvc.exe [2008-11-20 125440]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\lavasoft\ad-aware\kernexplorer64.sys [2010-8-12 16928]

S3 MSSQL$NR2007;SQL Server (NR2007);c:\program files (x86)\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\newtech infosystems\nti backup now 5\BackupSvc.exe [2009-6-17 50432]

S3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.sys [2008-11-20 43032]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-11-5 225824]

S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\verizo~1\vzacce~1\SMSIVZAM5X64.SYS [2009-5-25 43032]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1255736]

=============== Created Last 30 ================

2010-09-10 07:43:07 0 d-----w- c:\program files (x86)\Microsoft Antimalware

2010-09-10 07:42:54 0 d-----w- c:\program files\Microsoft Security Essentials

2010-08-29 13:14:08 0 d-----w- c:\programdata\Apple Computer

2010-08-26 15:11:46 15880 ----a-w- c:\windows\system32\lsdelete.exe

2010-08-26 12:48:51 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys

2010-08-26 12:33:14 0 dc-h--w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}

2010-08-26 12:32:50 0 d-----w- c:\programdata\Lavasoft

2010-08-26 12:32:50 0 d-----w- c:\program files (x86)\Lavasoft

2010-08-22 22:17:28 0 d-----w- c:\programdata\Apple

2010-08-17 23:16:57 0 d-----w- c:\program files (x86)\Business Objects

==================== Find3M ====================

2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll

2010-07-27 14:03:24 12867584 ----a-w- c:\windows\syswow64\shell32.dll

2010-07-17 09:00:12 153376 ----a-w- c:\windows\syswow64\javaws.exe

2010-07-17 09:00:12 145184 ----a-w- c:\windows\syswow64\javaw.exe

2010-07-17 09:00:10 145184 ----a-w- c:\windows\syswow64\java.exe

2010-07-17 09:00:04 423656 ----a-w- c:\windows\syswow64\deployJava1.dll

2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll

2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll

2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll

2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll

2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll

2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll

2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll

2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll

2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll

2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll

2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll

2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe

2010-06-21 15:35:05 214816 ----a-w- c:\windows\syswow64\PnkBstrB.exe

2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-06-19 06:53:18 52224 ----a-w- c:\windows\system32\rtutils.dll

2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe

2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe

2010-06-19 06:23:50 37376 ----a-w- c:\windows\syswow64\rtutils.dll

2010-06-19 04:32:34 3122688 ----a-w- c:\windows\system32\win32k.sys

2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll

2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll

2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat

2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat

2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat

2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat

2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini

2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini

2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat

2010-04-10 11:10:57 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041020100411\index.dat

2010-04-11 12:46:08 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041120100412\index.dat

2010-04-12 13:06:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041220100413\index.dat

2010-04-13 13:37:25 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041320100414\index.dat

2010-04-14 14:41:56 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041420100415\index.dat

2010-04-15 14:48:32 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041520100416\index.dat

2010-04-16 17:07:24 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041620100417\index.dat

2010-04-17 18:45:11 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041720100418\index.dat

2010-04-18 19:09:59 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041820100419\index.dat

2010-04-19 20:42:13 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010041920100420\index.dat

2010-04-21 15:15:11 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042120100422\index.dat

2010-04-22 15:30:26 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042220100423\index.dat

2010-04-24 13:10:27 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042420100425\index.dat

2010-04-25 16:01:12 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042520100426\index.dat

2010-04-26 15:00:49 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042620100427\index.dat

2010-04-27 15:44:34 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042720100428\index.dat

2010-04-29 11:34:19 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010042920100430\index.dat

2010-05-03 11:16:06 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050320100504\index.dat

2010-05-04 14:52:51 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050420100505\index.dat

2010-05-05 15:01:53 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050520100506\index.dat

2010-05-06 15:02:17 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050620100507\index.dat

2010-05-08 14:18:36 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050820100509\index.dat

2010-05-09 18:30:13 16384 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010050920100510\index.dat

2010-05-11 00:15:57 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051020100511\index.dat

2010-05-12 00:42:04 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051120100512\index.dat

2010-05-13 01:06:53 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051220100513\index.dat

2010-05-14 01:26:32 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051320100514\index.dat

2010-05-15 13:25:53 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051520100516\index.dat

2010-05-16 21:15:56 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051620100517\index.dat

2010-05-17 21:26:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051720100518\index.dat

2010-05-18 21:48:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051820100519\index.dat

2010-05-19 22:24:49 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010051920100520\index.dat

2010-05-20 22:31:52 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052020100521\index.dat

2010-05-22 17:36:50 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052220100523\index.dat

2010-05-23 21:16:48 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052320100524\index.dat

2010-05-24 21:29:08 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052420100525\index.dat

2010-05-26 04:33:18 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052620100527\index.dat

2010-05-27 11:25:39 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052720100528\index.dat

2010-05-28 13:53:42 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052820100529\index.dat

2010-05-29 19:11:54 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010052920100530\index.dat

2010-05-30 19:35:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010053020100531\index.dat

2010-05-31 22:11:35 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010053120100601\index.dat

2010-06-07 13:06:32 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010053120100607\index.dat

2010-06-07 13:06:32 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010060720100608\index.dat

2010-06-08 13:39:39 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010060820100609\index.dat

2010-06-09 21:18:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010060920100610\index.dat

2010-06-10 21:34:14 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010061020100611\index.dat

2010-06-12 09:44:11 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010061220100613\index.dat

2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe

2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 6:25:13.22 ===============

Link to post
Share on other sites

Hi,

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
  • Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
  • Select scan.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Link to post
Share on other sites

OTL Extras logfile created on: 9/19/2010 11:36:06 AM - Run 1

OTL by OldTimer - Version 3.2.14.0 Folder = C:\Users\Jay Richards\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free

5.00 Gb Paging File | 4.00 Gb Available in Paging File | 68.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 136.95 Gb Total Space | 93.18 Gb Free Space | 68.04% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ACER

Current User Name: Jay Richards

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-318679398-4083057737-1884335965-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DefaultOutboundAction" = 0

"DefaultInboundAction" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{08BE46F7-166A-4716-8603-75518EA54B3F}" = Driver Installer

"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client

"{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer

"{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials

"{ACCA82EB-7088-919E-5E1C-100A24F11CCF}" = ATI Catalyst Install Manager

"{AF64F216-D859-43FC-9068-0005A41AEBA3}" = AT&T Communication Manager

"{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver

"{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver

"{E2FCA441-6D7B-CD78-3ADF-42EA9FA06065}" = ccc-utility64

"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"Microsoft Security Essentials" = Microsoft Security Essentials

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer

"{183F0908-AD5E-8B3B-5F06-28B1A8C65C62}" = CCC Help Japanese

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23E9588B-05ED-BC2F-EB69-101A96511EF1}" = ccc-core-static

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{2484D1EA-CBA4-60BB-82B9-F8477D25C47A}" = CCC Help Dutch

"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{29802D65-9514-DB20-36CD-E47A94C8AEB9}" = Catalyst Control Center Graphics Full Existing

"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (NR2007)

"{2F61E9D7-CD05-643E-A04E-CC1A8B6610BA}" = CCC Help Finnish

"{2FA3CDD8-1436-497D-6339-789936561E99}" = CCC Help German

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

"{34123E80-BE96-6282-1167-6696730AF6D2}" = CCC Help Korean

"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D20EF26-2E9A-D388-851D-E7675BBACFF5}" = Catalyst Control Center Core Implementation

"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{4024F49B-65D4-D6B2-2A1D-6DBF6F09F181}" = CCC Help Greek

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{49A63237-FD38-AE77-6DF6-FFB41499A4E6}" = CCC Help Hungarian

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CC2DA26-EE5B-4125-9073-FF0FF51579A0}" = Culinary Nutrition Manager

"{4F0FC827-B693-F166-612E-EA89D798540C}" = CCC Help Chinese Traditional

"{52FBF90E-D2EF-A2A3-1CCA-6984596B1B02}" = CCC Help English

"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)

"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service

"{628CBFE4-3823-67FB-26D2-566899C3BB5C}" = CCC Help Italian

"{63F26DAE-CB0D-98B6-3019-D4FC3D0DD203}" = Catalyst Control Center InstallProxy

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{652EB559-6865-DEF4-2409-D506963C15FD}" = CCC Help Polish

"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works

"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker

"{68987945-A387-4C25-0C59-21F2AF657E65}" = CCC Help Thai

"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6B45E33B-6BB4-234B-2F5F-65B1A103801D}" = CCC Help Russian

"{6B99737C-9FDC-50F9-C9A4-AB7DA5C9A336}" = Catalyst Control Center Graphics Full New

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7BD1EAE4-2E08-4087-8600-44B0ACB0C887}" = NeatWorks Core Files

"{7BE74C0E-F300-D0A6-780B-C93BB78DE58C}" = CCC Help Norwegian

"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007

"{7E75ACC5-B0EC-7006-183A-374974019911}" = Catalyst Control Center Graphics Light

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{97124B44-C17B-C352-44B1-403D0D706173}" = CCC Help Czech

"{9ACA8261-11D1-F8A1-C154-7F8B23515C79}" = CCC Help Swedish

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A7CA6CC5-465B-41F8-96B5-F66BDF4482C7}" = VZAccess Manager

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support

"{A9574A7E-C024-EED1-7A81-CC4786A1915A}" = CCC Help Portuguese

"{AA32D2A6-1299-0F05-BF8D-04075A9F69EB}" = CCC Help Turkish

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.4 MUI

"{B53EA976-7D1C-48D7-9C6D-05DEEB0EA8FD}" = BlackBerry Device Software Updater

"{BCC05B1F-7397-799A-9EDB-AC10123BB17A}" = CCC Help Chinese Standard

"{BEF4FD8A-29FF-C250-468A-5FC55F0E3451}" = Catalyst Control Center Localization All

"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup

"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008

"{CF7A62B6-F712-412E-9914-D80033A7F8B8}" = Catalyst Control Center - Branding

"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0

"{D41301F8-90FD-9CE8-CD2C-ED2B9D5F07E3}" = CCC Help Spanish

"{D43AD08C-BE76-8C5B-FD90-4B665EF60E2E}" = CCC Help Danish

"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery

"{DA4CA661-5ABF-9218-6E42-84BF89F43655}" = CCC Help French

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E37E645E-4A0C-4D9E-B30A-7B19E797E743}" = BlackBerry USB Drivers

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Acer Assist" = Acer Assist

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Ad-Aware" = Ad-Aware

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0

"FLV Player" = FLV Player 2.0 (build 25)

"GridVista" = Acer GridVista

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Identity Card" = Identity Card

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe

"Intuit SiteBuilder" = Intuit SiteBuilder

"LManager" = Launch Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package

"NeatWorks" = NeatWorks

"Pdf995" = Pdf995

"PunkBusterSvc" = PunkBuster Services

"WildTangent acer Master Uninstall" = Acer Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-318679398-4083057737-1884335965-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Move Media Player" = Move Media Player

"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 8/13/2010 12:34:53 AM | Computer Name = Acer | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".

Dependent

Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/13/2010 3:33:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 3:39:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 4:33:07 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 4:39:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 5:33:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 5:39:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 11:33:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/13/2010 11:39:06 AM | Computer Name = Acer | Source = Google Update | ID = 20

Description =

Error - 8/16/2010 10:06:05 AM | Computer Name = Acer | Source = Application Hang | ID = 1002

Description = The program Explorer.EXE version 6.1.7600.16450 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Action Center control panel. Process ID: ab8 Start

Time: 01cb3a8c990a389b Termination Time: 78 Application Path: C:\Windows\Explorer.EXE

Report

Id: 6479de33-a93f-11df-89ad-705ab6137eff

[ OSession Events ]

Error - 7/16/2010 7:10:19 AM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 738

seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/21/2010 2:07:00 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 2561

seconds with 1500 seconds of active time. This session ended with a crash.

Error - 7/22/2010 12:25:19 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 5090

seconds with 2160 seconds of active time. This session ended with a crash.

Error - 7/23/2010 1:45:34 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 131

seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/2/2010 12:51:58 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 7215

seconds with 4260 seconds of active time. This session ended with a crash.

Error - 8/2/2010 12:54:03 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 37

seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/19/2010 12:32:19 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 267630

seconds with 7080 seconds of active time. This session ended with a crash.

Error - 8/23/2010 1:08:25 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 10864

seconds with 3900 seconds of active time. This session ended with a crash.

Error - 8/24/2010 12:36:38 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 76192

seconds with 12780 seconds of active time. This session ended with a crash.

Error - 9/15/2010 8:03:09 PM | Computer Name = Acer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 35261

seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 9/17/2010 5:43:11 PM | Computer Name = Acer | Source = atikmdag | ID = 43029

Description = Display is not active

Error - 9/17/2010 5:44:59 PM | Computer Name = Acer | Source = Microsoft Antimalware | ID = 2001

Description = %%861 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 1.89.1786.0 Update Source: %%859 Update Stage:

%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:

NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6103.0 Error

code: 0x80240022 Error description: The program can't check for definition updates.

Error - 9/17/2010 5:44:59 PM | Computer Name = Acer | Source = Microsoft Antimalware | ID = 2001

Description = %%861 has encountered an error trying to update signatures. New Signature

Version: Previous Signature Version: 1.89.1786.0 Update Source: %%859 Update Stage:

%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:

NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6103.0 Error

code: 0x80240022 Error description: The program can't check for definition updates.

Error - 9/17/2010 8:10:52 PM | Computer Name = Acer | Source = Service Control Manager | ID = 7011

Description = A timeout (300000 milliseconds) was reached while waiting for a transaction

response from the Wlansvc service.

Error - 9/17/2010 8:10:55 PM | Computer Name = Acer | Source = atikmdag | ID = 43029

Description = Display is not active

Error - 9/18/2010 8:15:10 PM | Computer Name = Acer | Source = Service Control Manager | ID = 7011

Description = A timeout (300000 milliseconds) was reached while waiting for a transaction

response from the ShellHWDetection service.

Error - 9/18/2010 8:15:12 PM | Computer Name = Acer | Source = atikmdag | ID = 43029

Description = Display is not active

Error - 9/18/2010 10:24:44 PM | Computer Name = Acer | Source = atikmdag | ID = 43029

Description = Display is not active

Error - 9/19/2010 11:17:18 AM | Computer Name = Acer | Source = Service Control Manager | ID = 7011

Description = A timeout (300000 milliseconds) was reached while waiting for a transaction

response from the Wlansvc service.

Error - 9/19/2010 11:17:21 AM | Computer Name = Acer | Source = atikmdag | ID = 43029

Description = Display is not active

< End of report >

< End of report >

Link to post
Share on other sites

OTL logfile created on: 9/19/2010 11:36:06 AM - Run 1

OTL by OldTimer - Version 3.2.14.0 Folder = C:\Users\Jay Richards\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free

5.00 Gb Paging File | 4.00 Gb Available in Paging File | 68.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 136.95 Gb Total Space | 93.18 Gb Free Space | 68.04% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ACER

Current User Name: Jay Richards

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: All users

Include 64bit Scans

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/19 11:30:17 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Jay Richards\Desktop\OTL.exe

PRC - [2010/09/12 18:18:13 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Users\Jay Richards\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/09/05 08:49:42 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2010/09/05 08:49:41 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2010/08/03 21:20:30 | 003,322,200 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe

PRC - [2010/08/03 21:20:28 | 001,167,192 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.AutoUpdate.exe

PRC - [2010/07/20 19:12:42 | 001,686,360 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research in Motion\RIMDeviceManager\RIMDeviceManager.exe

PRC - [2010/06/21 11:35:05 | 000,214,816 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe

PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2010/03/14 00:46:40 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2010/03/01 15:50:24 | 000,351,384 | ---- | M] (The Neat Company) -- C:\Program Files (x86)\NeatWorks\exec\NeatWorksDatabaseController.exe

PRC - [2010/01/27 11:34:24 | 000,376,832 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe

PRC - [2009/11/05 16:19:56 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009/10/29 07:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

PRC - [2009/10/21 22:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

PRC - [2009/09/10 09:42:46 | 000,305,448 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

PRC - [2009/09/10 09:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

PRC - [2009/08/18 05:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe

PRC - [2009/08/04 01:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

PRC - [2009/07/03 22:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2009/06/17 21:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

========== Modules (SafeList) ==========

MOD - [2010/09/19 11:30:17 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Jay Richards\Desktop\OTL.exe

MOD - [2010/06/30 02:21:47 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll

MOD - [2009/09/10 09:42:00 | 000,268,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\sysenv.dll

MOD - [2009/09/10 09:41:42 | 000,120,104 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

MOD - [2009/07/13 21:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll

MOD - [2009/07/13 21:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll

MOD - [2009/07/13 21:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll

MOD - [2009/07/13 21:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll

MOD - [2009/07/13 21:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll

MOD - [2009/07/13 21:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll

MOD - [2009/07/13 21:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll

MOD - [2009/07/13 21:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll

MOD - [2009/07/13 21:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll

MOD - [2009/07/13 21:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll

MOD - [2009/07/13 21:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll

MOD - [2009/07/13 21:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll

MOD - [2009/07/13 21:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll

MOD - [2009/07/13 21:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll

MOD - [2009/07/13 21:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll

MOD - [2009/07/13 21:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll

MOD - [2009/07/13 21:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll

MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

MOD - [2008/11/11 06:16:38 | 000,133,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\xmllite.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)

SRV:64bit: - [2010/03/25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2009/10/29 15:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)

SRV:64bit: - [2009/07/29 08:03:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/03 22:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2010/09/05 08:49:41 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2010/06/21 11:35:05 | 000,214,816 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)

SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2010/03/14 00:46:40 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010/03/01 15:50:24 | 000,351,384 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files (x86)\NeatWorks\exec\NeatWorksDatabaseController.exe -- (NeatWorksDatabaseController)

SRV - [2009/09/10 09:42:46 | 000,305,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009/06/17 21:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)

SRV - [2009/06/17 21:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)

SRV - [2008/11/20 22:07:42 | 000,113,152 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)

SRV - [2008/11/20 22:07:08 | 000,125,440 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe -- (CAATT)

SRV - [2007/11/08 00:48:20 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)

SRV - [2006/11/09 16:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbccid.sys -- (USBCCID)

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)

DRV:64bit: - [2010/08/12 08:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)

DRV:64bit: - [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2009/11/11 21:35:24 | 000,225,824 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/11/06 00:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/07/29 18:11:24 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/07/27 03:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)

DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009/07/13 20:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)

DRV:64bit: - [2009/06/18 08:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/02 07:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/02 07:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/02 07:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2009/05/09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

DRV:64bit: - [2009/05/05 04:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2009/05/05 04:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2009/05/04 09:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/04/03 10:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

DRV:64bit: - [2009/01/09 17:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)

DRV:64bit: - [2008/11/20 21:59:02 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PCTINDIS5X64.sys -- (PCTINDIS5X64)

DRV:64bit: - [2008/08/22 13:05:40 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swmsflt.sys -- (swmsflt)

DRV:64bit: - [2008/05/20 19:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV - [2010/08/12 08:15:22 | 000,016,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)

DRV - [2009/05/25 16:43:58 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\SMSIVZAM5X64.sys -- (SMSIVZAM5X64)

DRV - [2008/11/20 22:02:48 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\tcpipBM.sys -- (tcpipBM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...g4z1l5t4402x266

IE - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig

IE - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [AT&T Communication Manager] C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe (ATT)

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-318679398-4083057737-1884335965-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - Startup: C:\Users\Jay Richards\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)

O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-318679398-4083057737-1884335965-1000\..Trusted Ranges: Range1 ([http] in Computer)

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: Web-Based Email Tools http://email04.secureserver.net/Download.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{be9cfc5d-3a03-11df-a954-92c938d93052}\Shell - "" = AutoRun

O33 - MountPoints2\{be9cfc5d-3a03-11df-a954-92c938d93052}\Shell\AutoRun\command - "" = E:\WIN\setup.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/09/19 11:30:09 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Jay Richards\Desktop\OTL.exe

[2010/09/13 22:57:39 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Roaming\Mozilla

[2010/09/13 18:08:21 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\Documents\BlackBerry

[2010/09/11 07:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/09/10 03:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware

[2010/09/10 03:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials

[2010/08/29 09:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2010/08/29 09:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010/08/29 09:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010/08/26 08:48:51 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

[2010/08/26 08:34:30 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Sunbelt Software

[2010/08/26 08:33:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}

[2010/08/26 08:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2010/08/26 08:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2010/08/23 11:39:38 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Apple Computer

[2010/08/22 18:17:34 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Apple

[2010/08/22 18:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2010/08/22 18:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2010/08/17 19:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects

[2010/08/17 18:48:01 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Deployment

[2010/08/07 05:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010/07/28 11:36:41 | 000,157,712 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys

[2010/07/27 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Adobe

[2010/07/22 20:11:43 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData

[2010/07/08 06:30:11 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\AppData\Local\Apps

[2010/06/24 12:30:35 | 000,000,000 | ---D | C] -- C:\Users\Jay Richards\Documents\OneNote Notebooks

[2010/06/21 12:58:16 | 000,000,000 | ---D | C] -- C:\Windows\twain_64

[2010/06/21 12:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\The Neat Company

[2010/06/21 12:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comscan

========== Files - Modified Within 90 Days ==========

[2010/09/19 11:39:45 | 004,718,592 | -HS- | M] () -- C:\Users\Jay Richards\ntuser.dat

[2010/09/19 11:39:15 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/09/19 11:33:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-318679398-4083057737-1884335965-1000UA.job

[2010/09/19 11:30:17 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Jay Richards\Desktop\OTL.exe

[2010/09/19 11:18:24 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/19 11:17:32 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-318679398-4083057737-1884335965-1000Core.job

[2010/09/19 11:17:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/09/18 20:21:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/09/18 20:21:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/09/17 18:09:44 | 000,046,466 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Airgas South Lonie Expenses 9-13-2010.xlsx

[2010/09/17 13:07:05 | 000,056,708 | ---- | M] () -- C:\Users\Jay Richards\Desktop\On the go sandwich box.pdf

[2010/09/17 13:07:02 | 000,000,060 | ---- | M] () -- C:\Windows\wpd99.drv

[2010/09/17 13:06:28 | 000,054,272 | ---- | M] () -- C:\Users\Jay Richards\Desktop\On the go sandwich box.doc

[2010/09/17 11:35:45 | 000,053,801 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Lake Nona Market Menu.pdf

[2010/09/17 11:17:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/09/17 11:17:01 | 2211,483,648 | -HS- | M] () -- C:\hiberfil.sys

[2010/09/17 08:05:28 | 001,294,974 | -H-- | M] () -- C:\Users\Jay Richards\AppData\Local\IconCache.db

[2010/09/17 06:18:48 | 000,042,589 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Breakfast Sandwich to Go.pdf

[2010/09/16 21:19:34 | 000,048,128 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Breakfast Sandwich to Go.doc

[2010/09/16 19:34:15 | 000,002,432 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Google Chrome.lnk

[2010/09/16 14:15:03 | 000,023,222 | ---- | M] () -- C:\Users\Jay Richards\Desktop\W6J.jpg

[2010/09/15 11:14:26 | 000,144,700 | ---- | M] () -- C:\Users\Jay Richards\Desktop\AIRGASMIDAMERICASALESAUDITSept_15_2010Rev(13).xlsx

[2010/09/15 09:25:33 | 000,031,535 | ---- | M] () -- C:\Users\Jay Richards\Desktop\DUKES Original version SALES AUDIT - AIRGAS SOUTH Sept 15th 2010 REV (2).xlsx

[2010/09/15 08:11:07 | 000,263,446 | ---- | M] () -- C:\Users\Jay Richards\Desktop\DUKES -Airgas South Sales Audit Tracker - Aug 2010 .xlsx

[2010/09/14 21:41:14 | 000,793,570 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/09/14 21:41:14 | 000,671,336 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/09/14 21:41:14 | 000,125,630 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/09/13 21:26:13 | 000,031,360 | ---- | M] () -- C:\Users\Jay Richards\Documents\Airgas South Lonie Expenses 9-13-2010.xlsx

[2010/09/13 21:12:19 | 000,031,423 | ---- | M] () -- C:\Users\Jay Richards\Documents\Airgas South Expenses 9-13-2010.xlsx

[2010/09/13 18:09:00 | 000,003,584 | ---- | M] () -- C:\Users\Jay Richards\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/09/12 22:03:29 | 000,013,001 | ---- | M] () -- C:\Users\Jay Richards\Documents\daily sales calc.xlsx

[2010/09/12 18:27:38 | 000,698,413 | ---- | M] () -- C:\Users\Jay Richards\Documents\jello.jpg

[2010/09/11 07:02:29 | 000,003,007 | ---- | M] () -- C:\Users\Jay Richards\Desktop\HiJackThis.lnk

[2010/09/10 03:42:54 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk

[2010/09/06 15:00:42 | 000,031,405 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-13-2010.xlsx

[2010/09/06 14:51:37 | 000,031,235 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-12-2010.xlsx

[2010/09/06 14:51:05 | 000,031,441 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-11-2010.xlsx

[2010/09/06 14:46:57 | 000,031,482 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-10-2010.xlsx

[2010/09/06 14:34:25 | 000,031,286 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-9-2010.xlsx

[2010/09/06 14:33:45 | 000,031,397 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 8-6-2010.xlsx

[2010/09/06 14:23:43 | 000,031,375 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 7-23-2010.xlsx

[2010/09/06 14:16:00 | 000,031,456 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-28-2010.xlsx

[2010/09/06 14:10:47 | 000,031,314 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-18-2010.xlsx

[2010/09/06 14:09:33 | 000,031,587 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-17-2010.xlsx

[2010/09/06 13:57:48 | 000,031,400 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-9-2010.xlsx

[2010/09/06 13:51:10 | 000,031,409 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-7-2010.xlsx

[2010/09/06 13:41:17 | 000,031,337 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-4-2010.xlsx

[2010/09/06 13:35:48 | 000,031,463 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 6-3-2010.xlsx

[2010/09/06 13:26:24 | 000,031,416 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 5-18-2010.xlsx

[2010/09/06 12:47:49 | 000,031,539 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 5-13-2010.xlsx

[2010/09/06 12:39:50 | 000,031,495 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 5-12-2010.xlsx

[2010/09/06 12:26:53 | 000,031,575 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 5-10-2010.xlsx

[2010/09/06 12:17:28 | 000,031,485 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-30-2010.xlsx

[2010/09/06 11:27:39 | 000,031,373 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-18-2010.xlsx

[2010/09/06 11:21:33 | 000,031,550 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-17-2010.xlsx

[2010/09/06 11:13:45 | 000,031,336 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-16-2010.xlsx

[2010/09/06 11:07:22 | 000,031,437 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-15-2010.xlsx

[2010/09/06 10:59:19 | 000,031,473 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-12-2010.xlsx

[2010/09/06 10:55:23 | 000,031,525 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-11-2010.xlsx

[2010/09/06 10:37:36 | 000,031,440 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-10-2010.xlsx

[2010/09/06 10:32:27 | 000,031,526 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-9-2010.xlsx

[2010/09/06 09:17:38 | 000,031,315 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-5-2010.xlsx

[2010/09/06 09:11:51 | 000,031,190 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 3-8-2010.xlsx

[2010/09/05 17:54:49 | 000,031,450 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-17-2010.xlsx

[2010/09/05 17:49:40 | 000,031,297 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-16-2010.xlsx

[2010/09/05 17:41:45 | 000,031,237 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-15-2010.xlsx

[2010/09/05 17:26:14 | 000,031,330 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-12-2010.xlsx

[2010/09/05 17:20:21 | 000,031,235 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-11-2010.xlsx

[2010/09/05 17:16:10 | 000,031,264 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-10-2010.xlsx

[2010/09/05 17:12:32 | 000,031,360 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-9-2010.xlsx

[2010/09/05 16:32:59 | 000,031,262 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-5-2010.xlsx

[2010/09/05 16:32:30 | 000,031,247 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-4-2010.xlsx

[2010/09/05 16:32:09 | 000,031,162 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-3-2010.xlsx

[2010/09/05 16:31:36 | 000,031,217 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-2-2010.xlsx

[2010/09/05 16:30:55 | 000,031,245 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 2-1-2010.xlsx

[2010/09/05 16:24:30 | 000,031,305 | ---- | M] () -- C:\Users\Jay Richards\Documents\expenses 1-29-2010.xlsx

[2010/09/05 15:50:33 | 000,031,301 | ---- | M] () -- C:\Users\Jay Richards\Documents\expenses 1-28-2010.xlsx

[2010/09/05 15:50:25 | 000,031,299 | ---- | M] () -- C:\Users\Jay Richards\Documents\expenses 1-26-2010.xlsx

[2010/09/05 15:35:39 | 000,031,304 | ---- | M] () -- C:\Users\Jay Richards\Documents\expenses 1-27-2010.xlsx

[2010/09/05 15:24:04 | 000,029,762 | ---- | M] () -- C:\Users\Jay Richards\Documents\Expenses 1-25-2010.xlsx

[2010/09/01 17:48:15 | 000,026,112 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Pantry.doc

[2010/08/31 15:41:37 | 000,575,477 | ---- | M] () -- C:\Users\Jay Richards\Desktop\New York NJ NE.pdf

[2010/08/31 15:27:59 | 000,022,992 | ---- | M] () -- C:\Users\Jay Richards\Desktop\New England NY and Nj.kml

[2010/08/31 15:24:35 | 000,521,147 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Airgas East All locations except plants.pdf

[2010/08/31 15:19:01 | 000,033,647 | ---- | M] () -- C:\Users\Jay Richards\Desktop\All AG East.kml

[2010/08/30 09:57:46 | 000,190,424 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Dukes Airgas SW Location Report 8-4-2010.xlsx

[2010/08/29 09:14:20 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/08/28 11:21:09 | 000,662,378 | ---- | M] () -- C:\Users\Jay Richards\Desktop\document1.pdf

[2010/08/28 10:34:24 | 000,004,453 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Branches id a problems.kml

[2010/08/28 10:30:42 | 000,014,374 | ---- | M] () -- C:\Users\Jay Richards\Desktop\BatchGeo.kml

[2010/08/28 00:47:01 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk

[2010/08/27 14:41:35 | 000,053,248 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Report.xls

[2010/08/27 14:40:04 | 005,098,496 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Return Reviews (3).doc

[2010/08/26 08:54:13 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\pool.bin

[2010/08/26 08:33:12 | 000,001,170 | ---- | M] () -- C:\Users\Jay Richards\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk

[2010/08/26 08:33:12 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2010/08/24 14:05:11 | 000,019,751 | ---- | M] () -- C:\Users\Jay Richards\Desktop\UniSelect Letter Head.docx

[2010/08/24 12:30:43 | 000,027,967 | ---- | M] () -- C:\Users\Jay Richards\Documents\DUKES SALES AUDIT - AIRGAS SOUTHAugust 6 - 13th, 2010 REV (1).xlsx

[2010/08/24 08:00:11 | 000,019,746 | ---- | M] () -- C:\Users\Jay Richards\Desktop\questionable transactions.xlsx

[2010/08/23 09:59:45 | 000,020,104 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Saturday returns.xlsx

[2010/08/22 21:22:23 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/08/20 09:47:10 | 000,025,971 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Report.xlsx

[2010/08/19 18:43:31 | 000,158,937 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Acct return ratios.xlsx

[2010/08/19 13:05:04 | 000,253,026 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Returns from Jan 2010 (1).xlsx

[2010/08/16 14:50:24 | 009,076,736 | R--- | M] () -- C:\Users\Jay Richards\PJRNML LLC.QBW

[2010/08/16 14:50:24 | 000,458,752 | R--- | M] () -- C:\Users\Jay Richards\PJRNML LLC.QBW.TLG

[2010/08/16 14:50:24 | 000,000,339 | ---- | M] () -- C:\Users\Jay Richards\pjrnml llc.qbw.nd

[2010/08/13 07:34:37 | 000,010,719 | ---- | M] () -- C:\Users\Jay Richards\Documents\Book1.xlsx

[2010/08/12 22:09:08 | 000,361,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/08/12 08:15:20 | 000,069,152 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

[2010/08/12 08:15:20 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe

[2010/08/08 22:34:13 | 000,054,096 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Presentation2.pdf

[2010/08/08 22:32:54 | 000,055,386 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Presentation1.pdf

[2010/08/08 21:58:50 | 000,042,747 | ---- | M] () -- C:\Users\Jay Richards\Desktop\Bodegas Tapas Bar.pdf

[2010/08/05 16:13:51 | 000,011,662 | ---- | M] () -- C:\Users\Jay Richards\Desktop\AG SW FL GA ROUND @.xlsx

[2010/08/05 11:05:09 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/08/02 13:11:31 | 000,301,188 | ---- | M] () -- C:\Users\Jay Richards\Desktop\DUKES - AIRGAS SOUTHWEST OCT 2009 - 2010 - Secret Shopper Master Tracker 7-27-2010.xlsx

[2010/07/30 14:36:32 | 000,012,658 | ---- | M] () -- C:\Users\Jay Richards\Desktop\j.xlsx

[2010/07/23 11:40:42 | 000,013,846 | ---- | M] () -- C:\Users\Jay Richards\Documents\Dukes - Airgas Mid America Interviews July 21 - 22.docx

[2010/07/23 10:33:50 | 000,000,000 | ---- | M] () -- C:\Users\Jay Richards\defogger_reenable

[2010/07/22 18:22:06 | 000,025,256 | ---- | M] () -- C:\Confession Template on Letter Head.docx

[2010/07/22 09:35:03 | 000,011,516 | ---- | M] () -- C:\Users\Jay Richards\Documents\Evansville St. Joe Questions for Bob and Tommy.xlsx

[2010/07/14 20:01:26 | 000,001,114 | ---- | M] () -- C:\Users\Jay Richards\Documents\Documents - Shortcut.lnk

[2010/07/14 19:56:00 | 000,015,076 | ---- | M] () -- C:\Users\Jay Richards\Documents\Steven_Cahill_Resume_2010 (1).docx

[2010/07/13 07:52:45 | 021,864,894 | ---- | M] () -- C:\Users\Jay Richards\Documents\LoaderBackup-(2010-07-13).ipd

[2010/07/12 15:43:49 | 032,824,694 | ---- | M] () -- C:\Users\Jay Richards\Documents\LoaderBackup-(2010-07-12).ipd

[2010/07/08 13:22:05 | 000,000,256 | ---- | M] () -- C:\Users\Jay Richards\Documents\pool.bin

[2010/07/08 12:45:54 | 034,012,344 | ---- | M] () -- C:\Users\Jay Richards\Documents\Backup-(2010-07-08).ipd

[2010/07/08 11:44:12 | 000,123,508 | ---- | M] () -- C:\Users\Jay Richards\Documents\DUKES - AIRGAS MASTER TRACKER TEMPLATE WITH COMMENTS FOR REVISION.xlsx

[2010/07/08 10:24:37 | 000,122,684 | ---- | M] () -- C:\Users\Jay Richards\Documents\DUKES - AIRGAS MASTER TRACKER TEMPLATE11.xlsx

[2010/07/08 06:35:59 | 000,000,017 | ---- | M] () -- C:\Users\Jay Richards\AppData\Local\resmon.resmoncfg

[2010/06/24 12:30:35 | 000,001,310 | ---- | M] () -- C:\Users\Jay Richards\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

========== Files Created - No Company Name ==========

[2010/09/17 13:06:58 | 000,056,708 | ---- | C] () -- C:\Users\Jay Richards\Desktop\On the go sandwich box.pdf

[2010/09/17 06:30:00 | 000,053,801 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Lake Nona Market Menu.pdf

[2010/09/17 06:26:26 | 000,054,272 | ---- | C] () -- C:\Users\Jay Richards\Desktop\On the go sandwich box.doc

[2010/09/17 06:18:45 | 000,042,589 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Breakfast Sandwich to Go.pdf

[2010/09/16 21:07:50 | 000,048,128 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Breakfast Sandwich to Go.doc

[2010/09/16 14:15:03 | 000,023,222 | ---- | C] () -- C:\Users\Jay Richards\Desktop\W6J.jpg

[2010/09/15 10:58:09 | 000,144,700 | ---- | C] () -- C:\Users\Jay Richards\Desktop\AIRGASMIDAMERICASALESAUDITSept_15_2010Rev(13).xlsx

[2010/09/15 09:23:59 | 000,031,535 | ---- | C] () -- C:\Users\Jay Richards\Desktop\DUKES Original version SALES AUDIT - AIRGAS SOUTH Sept 15th 2010 REV (2).xlsx

[2010/09/13 21:26:27 | 000,046,466 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Airgas South Lonie Expenses 9-13-2010.xlsx

[2010/09/13 21:24:35 | 000,031,360 | ---- | C] () -- C:\Users\Jay Richards\Documents\Airgas South Lonie Expenses 9-13-2010.xlsx

[2010/09/13 21:12:18 | 000,031,423 | ---- | C] () -- C:\Users\Jay Richards\Documents\Airgas South Expenses 9-13-2010.xlsx

[2010/09/13 18:09:00 | 000,003,584 | ---- | C] () -- C:\Users\Jay Richards\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/09/12 19:46:27 | 000,013,001 | ---- | C] () -- C:\Users\Jay Richards\Documents\daily sales calc.xlsx

[2010/09/12 18:27:37 | 000,698,413 | ---- | C] () -- C:\Users\Jay Richards\Documents\jello.jpg

[2010/09/11 07:02:29 | 000,003,007 | ---- | C] () -- C:\Users\Jay Richards\Desktop\HiJackThis.lnk

[2010/09/10 03:42:54 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk

[2010/09/06 14:57:03 | 000,031,405 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-13-2010.xlsx

[2010/09/06 14:51:36 | 000,031,235 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-12-2010.xlsx

[2010/09/06 14:48:56 | 000,031,441 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-11-2010.xlsx

[2010/09/06 14:46:57 | 000,031,482 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-10-2010.xlsx

[2010/09/06 14:34:24 | 000,031,286 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-9-2010.xlsx

[2010/09/06 14:29:48 | 000,031,397 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 8-6-2010.xlsx

[2010/09/06 14:23:42 | 000,031,375 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 7-23-2010.xlsx

[2010/09/06 14:15:59 | 000,031,456 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-28-2010.xlsx

[2010/09/06 14:10:46 | 000,031,314 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-18-2010.xlsx

[2010/09/06 14:09:32 | 000,031,587 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-17-2010.xlsx

[2010/09/06 13:57:47 | 000,031,400 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-9-2010.xlsx

[2010/09/06 13:51:10 | 000,031,409 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-7-2010.xlsx

[2010/09/06 13:41:17 | 000,031,337 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-4-2010.xlsx

[2010/09/06 13:35:48 | 000,031,463 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 6-3-2010.xlsx

[2010/09/06 12:51:38 | 000,031,416 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 5-18-2010.xlsx

[2010/09/06 12:43:03 | 000,031,539 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 5-13-2010.xlsx

[2010/09/06 12:30:34 | 000,031,495 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 5-12-2010.xlsx

[2010/09/06 12:19:21 | 000,031,575 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 5-10-2010.xlsx

[2010/09/06 11:54:59 | 000,031,485 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-30-2010.xlsx

[2010/09/06 11:23:47 | 000,031,373 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-18-2010.xlsx

[2010/09/06 11:21:14 | 000,031,550 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-17-2010.xlsx

[2010/09/06 11:11:33 | 000,031,336 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-16-2010.xlsx

[2010/09/06 11:00:43 | 000,031,437 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-15-2010.xlsx

[2010/09/06 10:48:27 | 000,031,473 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-12-2010.xlsx

[2010/09/06 10:39:53 | 000,031,525 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-11-2010.xlsx

[2010/09/06 10:32:53 | 000,031,440 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-10-2010.xlsx

[2010/09/06 10:20:20 | 000,031,526 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-9-2010.xlsx

[2010/09/06 09:11:51 | 000,031,190 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-8-2010.xlsx

[2010/09/05 18:11:22 | 000,031,315 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 3-5-2010.xlsx

[2010/09/05 17:47:15 | 000,031,450 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-17-2010.xlsx

[2010/09/05 17:45:02 | 000,031,297 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-16-2010.xlsx

[2010/09/05 17:24:45 | 000,031,330 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-12-2010.xlsx

[2010/09/05 17:19:57 | 000,031,235 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-11-2010.xlsx

[2010/09/05 17:02:32 | 000,031,264 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-10-2010.xlsx

[2010/09/05 16:57:00 | 000,031,360 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-9-2010.xlsx

[2010/09/05 16:50:07 | 000,031,237 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-15-2010.xlsx

[2010/09/05 16:13:15 | 000,031,262 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-5-2010.xlsx

[2010/09/05 16:11:33 | 000,031,247 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-4-2010.xlsx

[2010/09/05 16:05:53 | 000,031,162 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-3-2010.xlsx

[2010/09/05 16:01:36 | 000,031,217 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-2-2010.xlsx

[2010/09/05 15:50:18 | 000,031,245 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 2-1-2010.xlsx

[2010/09/05 15:18:40 | 000,031,305 | ---- | C] () -- C:\Users\Jay Richards\Documents\expenses 1-29-2010.xlsx

[2010/09/05 15:17:38 | 000,031,301 | ---- | C] () -- C:\Users\Jay Richards\Documents\expenses 1-28-2010.xlsx

[2010/09/05 15:08:23 | 000,031,304 | ---- | C] () -- C:\Users\Jay Richards\Documents\expenses 1-27-2010.xlsx

[2010/09/05 15:07:31 | 000,031,299 | ---- | C] () -- C:\Users\Jay Richards\Documents\expenses 1-26-2010.xlsx

[2010/09/05 15:07:05 | 000,029,762 | ---- | C] () -- C:\Users\Jay Richards\Documents\Expenses 1-25-2010.xlsx

[2010/09/01 17:48:14 | 000,026,112 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Pantry.doc

[2010/08/31 15:41:31 | 000,575,477 | ---- | C] () -- C:\Users\Jay Richards\Desktop\New York NJ NE.pdf

[2010/08/31 15:27:59 | 000,022,992 | ---- | C] () -- C:\Users\Jay Richards\Desktop\New England NY and Nj.kml

[2010/08/31 15:24:30 | 000,521,147 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Airgas East All locations except plants.pdf

[2010/08/31 15:19:01 | 000,033,647 | ---- | C] () -- C:\Users\Jay Richards\Desktop\All AG East.kml

[2010/08/29 09:14:20 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/08/28 10:54:57 | 000,662,378 | ---- | C] () -- C:\Users\Jay Richards\Desktop\document1.pdf

[2010/08/28 10:34:24 | 000,004,453 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Branches id a problems.kml

[2010/08/28 10:30:41 | 000,014,374 | ---- | C] () -- C:\Users\Jay Richards\Desktop\BatchGeo.kml

[2010/08/28 01:08:40 | 000,000,231 | ---- | C] () -- C:\Users\Jay Richards\AppData\Roaming\Rim.Desktop.Exception.log

[2010/08/28 00:47:21 | 000,000,807 | ---- | C] () -- C:\Users\Jay Richards\AppData\Roaming\Rim.Desktop.HttpServerSetup.log

[2010/08/28 00:47:01 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk

[2010/08/27 14:41:16 | 000,053,248 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Report.xls

[2010/08/26 11:11:46 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe

[2010/08/26 08:33:12 | 000,001,170 | ---- | C] () -- C:\Users\Jay Richards\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk

[2010/08/26 08:33:12 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2010/08/24 14:05:10 | 000,019,751 | ---- | C] () -- C:\Users\Jay Richards\Desktop\UniSelect Letter Head.docx

[2010/08/24 11:48:42 | 000,027,967 | ---- | C] () -- C:\Users\Jay Richards\Documents\DUKES SALES AUDIT - AIRGAS SOUTHAugust 6 - 13th, 2010 REV (1).xlsx

[2010/08/24 08:02:25 | 005,098,496 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Return Reviews (3).doc

[2010/08/23 15:36:52 | 000,019,746 | ---- | C] () -- C:\Users\Jay Richards\Desktop\questionable transactions.xlsx

[2010/08/23 12:32:09 | 000,263,446 | ---- | C] () -- C:\Users\Jay Richards\Desktop\DUKES -Airgas South Sales Audit Tracker - Aug 2010 .xlsx

[2010/08/23 09:59:44 | 000,020,104 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Saturday returns.xlsx

[2010/08/20 08:06:55 | 000,025,971 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Report.xlsx

[2010/08/19 18:17:12 | 000,158,937 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Acct return ratios.xlsx

[2010/08/19 13:05:03 | 000,253,026 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Returns from Jan 2010 (1).xlsx

[2010/08/10 08:47:12 | 000,010,719 | ---- | C] () -- C:\Users\Jay Richards\Documents\Book1.xlsx

[2010/08/08 22:34:09 | 000,054,096 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Presentation2.pdf

[2010/08/08 22:32:50 | 000,055,386 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Presentation1.pdf

[2010/08/08 21:58:46 | 000,042,747 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Bodegas Tapas Bar.pdf

[2010/08/05 13:34:40 | 000,011,662 | ---- | C] () -- C:\Users\Jay Richards\Desktop\AG SW FL GA ROUND @.xlsx

[2010/08/05 11:05:09 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/08/02 12:53:27 | 000,301,188 | ---- | C] () -- C:\Users\Jay Richards\Desktop\DUKES - AIRGAS SOUTHWEST OCT 2009 - 2010 - Secret Shopper Master Tracker 7-27-2010.xlsx

[2010/07/29 11:24:03 | 000,012,658 | ---- | C] () -- C:\Users\Jay Richards\Desktop\j.xlsx

[2010/07/23 10:33:50 | 000,000,000 | ---- | C] () -- C:\Users\Jay Richards\defogger_reenable

[2010/07/23 09:52:40 | 000,013,846 | ---- | C] () -- C:\Users\Jay Richards\Documents\Dukes - Airgas Mid America Interviews July 21 - 22.docx

[2010/07/22 18:22:05 | 000,025,256 | ---- | C] () -- C:\Confession Template on Letter Head.docx

[2010/07/22 08:57:21 | 000,011,516 | ---- | C] () -- C:\Users\Jay Richards\Documents\Evansville St. Joe Questions for Bob and Tommy.xlsx

[2010/07/14 20:01:26 | 000,001,114 | ---- | C] () -- C:\Users\Jay Richards\Documents\Documents - Shortcut.lnk

[2010/07/14 18:19:36 | 000,015,076 | ---- | C] () -- C:\Users\Jay Richards\Documents\Steven_Cahill_Resume_2010 (1).docx

[2010/07/13 07:52:44 | 021,864,894 | ---- | C] () -- C:\Users\Jay Richards\Documents\LoaderBackup-(2010-07-13).ipd

[2010/07/12 15:43:48 | 032,824,694 | ---- | C] () -- C:\Users\Jay Richards\Documents\LoaderBackup-(2010-07-12).ipd

[2010/07/09 08:59:07 | 000,190,424 | ---- | C] () -- C:\Users\Jay Richards\Desktop\Dukes Airgas SW Location Report 8-4-2010.xlsx

[2010/07/08 12:46:00 | 000,000,256 | ---- | C] () -- C:\Users\Jay Richards\Documents\pool.bin

[2010/07/08 12:45:53 | 034,012,344 | ---- | C] () -- C:\Users\Jay Richards\Documents\Backup-(2010-07-08).ipd

[2010/07/08 11:44:11 | 000,123,508 | ---- | C] () -- C:\Users\Jay Richards\Documents\DUKES - AIRGAS MASTER TRACKER TEMPLATE WITH COMMENTS FOR REVISION.xlsx

[2010/07/08 10:24:36 | 000,122,684 | ---- | C] () -- C:\Users\Jay Richards\Documents\DUKES - AIRGAS MASTER TRACKER TEMPLATE11.xlsx

[2010/07/08 06:35:59 | 000,000,017 | ---- | C] () -- C:\Users\Jay Richards\AppData\Local\resmon.resmoncfg

[2010/06/24 12:30:35 | 000,001,310 | ---- | C] () -- C:\Users\Jay Richards\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

[2010/05/27 09:49:52 | 000,000,157 | ---- | C] () -- C:\Users\Jay Richards\AppData\Roaming\BBMS_EXCEPTION.txt

[2010/04/01 05:59:01 | 000,000,036 | ---- | C] () -- C:\Users\Jay Richards\AppData\Local\housecall.guid.cache

[2010/03/17 06:33:12 | 000,000,122 | ---- | C] () -- C:\Users\Jay Richards\AppData\Roaming\wklnhst.dat

[2010/03/14 14:01:26 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini

[2010/03/14 13:56:01 | 000,000,060 | ---- | C] () -- C:\Windows\wpd99.drv

[2010/03/14 13:56:00 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll

[2010/03/10 21:29:42 | 000,000,100 | ---- | C] () -- C:\Users\Jay Richards\AppData\Local\fusioncache.dat

[2010/03/08 08:44:05 | 000,744,580 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2009/11/05 16:32:57 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log

[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/03/02 04:54:23 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Acer

[2010/03/28 18:02:49 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Bytemobile

[2010/04/30 15:09:37 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\CasinoOnNet

[2010/03/02 04:54:21 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Leadertech

[2010/03/14 14:01:26 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\pdf995

[2010/08/28 01:08:39 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Research In Motion

[2010/03/28 10:29:26 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\ScanSoft

[2010/03/28 17:38:14 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Sierra Wireless

[2010/03/17 06:33:12 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Template

[2010/06/01 10:55:39 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\Unity

[2010/03/01 09:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jay Richards\AppData\Roaming\WildTangent

[2010/04/26 21:30:49 | 000,032,740 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2010/09/17 11:17:01 | 000,002,236 | ---- | M] () -- C:\aaw7boot.log

[2009/11/05 15:47:05 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010/07/22 18:22:06 | 000,025,256 | ---- | M] () -- C:\Confession Template on Letter Head.docx

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt

[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt

[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt

[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt

[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini

[2010/09/17 11:17:01 | 2211,483,648 | -HS- | M] () -- C:\hiberfil.sys

[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini

[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll

[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll

[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll

[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll

[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll

[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll

[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll

[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll

[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll

[2010/06/01 17:53:25 | 000,036,864 | ---- | M] (Homestead Technologies, Inc.) -- C:\nphssb.dll

[2010/06/01 17:53:25 | 000,000,247 | ---- | M] () -- C:\nphssb.xpt

[2010/09/17 11:17:01 | 2948,648,960 | -HS- | M] () -- C:\pagefile.sys

[2009/11/05 15:57:50 | 000,002,051 | ---- | M] () -- C:\RHDSetup.log

[2010/06/21 12:45:43 | 000,008,269 | ---- | M] () -- C:\spi.scanning.log

[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp

[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab

[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >

[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

[2009/07/10 16:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

[2010/05/26 10:25:54 | 000,001,686 | -HS- | M] () -- C:\Users\Jay Richards\AppData\Roaming\Microsoft\LastFlashConfig.wfc

< %PROGRAMFILES%\*.* >

[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2010/03/02 04:55:24 | 000,000,221 | -HS- | M] () -- C:\Users\Jay Richards\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

[2010/06/21 09:12:56 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Jay Richards\Desktop\ATF_Cleaner.exe

[2010/09/19 11:30:17 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Jay Richards\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

[2010/08/05 06:37:13 | 000,000,402 | -HS- | M] () -- C:\Users\Jay Richards\Favorites\desktop.ini

[2010/03/14 21:04:00 | 000,036,352 | ---- | M] () -- C:\Users\Jay Richards\Favorites\Dukes Expense example blank.xls

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

[2009/11/05 16:35:58 | 000,008,415 | ---- | M] () -- C:\ProgramData\ArcadeDeluxe3.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.exe >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< %USERPROFILE%\Templates\*.tmp >

< %SYSTEMDRIVE%\explorexxx.exe\*.* >

< %Windir%\Installer\*.tmp >

[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %systemroot%\System32\*.xco >

< %ProgramFiles%\system32\*.* >

< %systemroot%\System32\windos\*.* >

< %SystemRoot%\system32\sandbox\*.* >

< %SystemRoot%\system32\*.amo >

< %SystemRoot%\system32\Windows Live\*.* >

< %ProgramFiles%\logs\*.* >

< %ProgramFiles%\Bifrost\*.* >

< %SystemRoot%\system32\*.goo >

< %systemroot%\system32\IME\*.* >

< %systemroot%\BackUp\*.* >

< %systemroot%\system32\*.ico >

[2009/06/10 17:17:19 | 000,116,288 | ---- | M] () -- C:\Windows\SysWOW64\PerfCenterCpl.ico

< %systemroot%\system\*.dat >

< %systemroot%\system\*.exe >

< %AppData%\Macromedia\Common\*.* >

< %SYSTEMDRIVE%\dir\*.* /s >

< %systemroot%\system32\ras\*.exe >

< %SYSTEMDRIVE%\MFILES\*.* >

< %SYSTEMDRIVE%\mDNSRespon.exe\*.* >

< %systemroot%\system32\services\*.* >

< %systemroot%\Spooler\*.* >

< %ProgramFiles%\system32\*.* >

< %systemroot%\system32\Setup\*.dll /x >

< %systemroot%\system32\*.mine >

< %SYSTEMDRIVE%\cleansweep.exe\*.* >

< %systemroot%\system32\ras\*.dll >

< %systemroot%\system32\ras\*.drv >

< %systemroot%\*.iq >

< %systemroot%\system32\XP\*.* >

< %SYSTEMDRIVE%\Extracted\*.* >

< %systemroot%\system32\windows\*.* >

< %systemroot%\logs\*.* >

< %SYSTEMDRIVE%\Win.Msi\*.* >

< %systemroot%\regedit\*.* >

< %systemroot%\system32\skype\*.* >

< %AppData%\Adobe\dlluplwin25\*.* >

< %UserProfile%\*.dat >

[2010/09/19 11:44:24 | 004,718,592 | -HS- | M] () -- C:\Users\Jay Richards\ntuser.dat

< %UserProfile%\*.dll >

< %systemroot%\system32\*.sxo >

< %SYSTEMDRIVE%\Gazma\*.* /s >

< %systemroot%\system32\spynet\*.* >

< %systemroot%\system32\System\*.* >

< %appdata%\Microsoft\Windows\*.* >

< %systemroot%\system32\WinDir\*.* >

< %systemroot%\_\*.* >

< %systemroot%\system32\windows32\*.* >

< %ProgramFiles%\win\*.* >

< %AppData%\Microsoft\CD Burning\*.* >

< %systemroot%\*.cab >

< %systemroot%\K.Backup\*.* >

< %ProgramFiles%\Massenger\*.* >

< %systemroot%\System32\*.doc >

< %systemroot%\Office12\*.* >

< %systemroot%\System32\Rundl32.exe\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2

@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8

< End of report >

Link to post
Share on other sites

Hi,

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start Malwarebytes' Anti-Malware

  • Once the program has loaded, click the "Update" tab and click the "Check For updates" button.
  • Once the updates were downloaded, click the "Scanner" tab, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.

    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png

Link to post
Share on other sites

2010/09/19 17:57:51.0379 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44

2010/09/19 17:57:51.0379 ================================================================================

2010/09/19 17:57:51.0379 SystemInfo:

2010/09/19 17:57:51.0379

2010/09/19 17:57:51.0379 OS Version: 6.1.7600 ServicePack: 0.0

2010/09/19 17:57:51.0379 Product type: Workstation

2010/09/19 17:57:51.0380 ComputerName: ACER

2010/09/19 17:57:51.0382 UserName: Jay Richards

2010/09/19 17:57:51.0382 Windows directory: C:\Windows

2010/09/19 17:57:51.0382 System windows directory: C:\Windows

2010/09/19 17:57:51.0382 Running under WOW64

2010/09/19 17:57:51.0382 Processor architecture: Intel x64

2010/09/19 17:57:51.0382 Number of processors: 1

2010/09/19 17:57:51.0382 Page size: 0x1000

2010/09/19 17:57:51.0382 Boot type: Normal boot

2010/09/19 17:57:51.0382 ================================================================================

2010/09/19 17:57:51.0383 Utility is running under WOW64

2010/09/19 17:57:51.0792 Initialize success

2010/09/19 17:57:59.0966 ================================================================================

2010/09/19 17:57:59.0966 Scan started

2010/09/19 17:57:59.0966 Mode: Manual;

2010/09/19 17:57:59.0966 ================================================================================

2010/09/19 17:58:00.0464 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

2010/09/19 17:58:00.0527 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

2010/09/19 17:58:00.0600 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

2010/09/19 17:58:00.0673 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

2010/09/19 17:58:00.0738 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

2010/09/19 17:58:00.0813 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

2010/09/19 17:58:00.0907 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2010/09/19 17:58:00.0988 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

2010/09/19 17:58:01.0067 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

2010/09/19 17:58:01.0125 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

2010/09/19 17:58:01.0180 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

2010/09/19 17:58:01.0221 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

2010/09/19 17:58:01.0284 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

2010/09/19 17:58:01.0342 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

2010/09/19 17:58:01.0400 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

2010/09/19 17:58:01.0469 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2010/09/19 17:58:01.0547 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

2010/09/19 17:58:01.0590 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

2010/09/19 17:58:01.0676 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2010/09/19 17:58:01.0738 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

2010/09/19 17:58:01.0841 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys

2010/09/19 17:58:02.0112 atikmdag (2db9047aac9d981f59ce06d04d70c4d8) C:\Windows\system32\DRIVERS\atikmdag.sys

2010/09/19 17:58:02.0359 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys

2010/09/19 17:58:02.0504 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

2010/09/19 17:58:02.0611 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2010/09/19 17:58:02.0691 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2010/09/19 17:58:02.0791 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

2010/09/19 17:58:02.0854 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

2010/09/19 17:58:02.0894 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

2010/09/19 17:58:02.0937 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

2010/09/19 17:58:03.0016 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2010/09/19 17:58:03.0059 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2010/09/19 17:58:03.0114 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2010/09/19 17:58:03.0155 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2010/09/19 17:58:03.0209 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

2010/09/19 17:58:03.0297 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2010/09/19 17:58:03.0366 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

2010/09/19 17:58:03.0442 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

2010/09/19 17:58:03.0485 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2010/09/19 17:58:03.0562 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

2010/09/19 17:58:03.0588 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

2010/09/19 17:58:03.0644 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2010/09/19 17:58:03.0713 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

2010/09/19 17:58:03.0749 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

2010/09/19 17:58:03.0809 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

2010/09/19 17:58:03.0913 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2010/09/19 17:58:03.0969 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2010/09/19 17:58:04.0020 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

2010/09/19 17:58:04.0149 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys

2010/09/19 17:58:04.0190 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys

2010/09/19 17:58:04.0228 Dot4Scan (488669cd1cd3bdcfdd9a5fda72209069) C:\Windows\system32\DRIVERS\Dot4Scan.sys

2010/09/19 17:58:04.0267 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys

2010/09/19 17:58:04.0342 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2010/09/19 17:58:04.0412 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

2010/09/19 17:58:04.0599 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

2010/09/19 17:58:04.0792 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

2010/09/19 17:58:04.0865 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

2010/09/19 17:58:04.0954 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2010/09/19 17:58:05.0014 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2010/09/19 17:58:05.0096 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

2010/09/19 17:58:05.0181 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2010/09/19 17:58:05.0232 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2010/09/19 17:58:05.0293 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

2010/09/19 17:58:05.0351 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2010/09/19 17:58:05.0426 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2010/09/19 17:58:05.0476 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2010/09/19 17:58:05.0547 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys

2010/09/19 17:58:05.0607 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

2010/09/19 17:58:05.0735 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2010/09/19 17:58:05.0807 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

2010/09/19 17:58:05.0877 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

2010/09/19 17:58:05.0918 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

2010/09/19 17:58:05.0961 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

2010/09/19 17:58:06.0013 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

2010/09/19 17:58:06.0088 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

2010/09/19 17:58:06.0163 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

2010/09/19 17:58:06.0226 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2010/09/19 17:58:06.0301 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2010/09/19 17:58:06.0364 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

2010/09/19 17:58:06.0425 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

2010/09/19 17:58:06.0522 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

2010/09/19 17:58:06.0660 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys

2010/09/19 17:58:06.0755 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

2010/09/19 17:58:06.0817 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

2010/09/19 17:58:06.0886 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2010/09/19 17:58:06.0941 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

2010/09/19 17:58:06.0998 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2010/09/19 17:58:07.0067 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2010/09/19 17:58:07.0122 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

2010/09/19 17:58:07.0184 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

2010/09/19 17:58:07.0260 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

2010/09/19 17:58:07.0322 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

2010/09/19 17:58:07.0389 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2010/09/19 17:58:07.0463 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

2010/09/19 17:58:07.0512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2010/09/19 17:58:07.0614 L1C (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys

2010/09/19 17:58:07.0797 Lavasoft Kernexplorer (2002853cf2c6328cb6f6fc9dd14393ca) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys

2010/09/19 17:58:07.0872 Lbd (3c46290f7a5d45ba6ef32c248e22aa69) C:\Windows\system32\DRIVERS\Lbd.sys

2010/09/19 17:58:07.0984 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2010/09/19 17:58:08.0084 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

2010/09/19 17:58:08.0143 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

2010/09/19 17:58:08.0201 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

2010/09/19 17:58:08.0256 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

2010/09/19 17:58:08.0313 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2010/09/19 17:58:08.0396 MBAMProtector (e330051cce41eb4522e5dcebc15adcea) C:\Windows\system32\drivers\mbam.sys

2010/09/19 17:58:08.0485 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

2010/09/19 17:58:08.0538 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

2010/09/19 17:58:08.0607 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2010/09/19 17:58:08.0672 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2010/09/19 17:58:08.0744 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

2010/09/19 17:58:08.0804 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

2010/09/19 17:58:08.0854 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2010/09/19 17:58:08.0975 MpFilter (c4d8c3031c7cd5884ca856b15307e997) C:\Windows\system32\DRIVERS\MpFilter.sys

2010/09/19 17:58:09.0046 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

2010/09/19 17:58:09.0106 MpNWMon (a768f58c55d3f303e686a7646348aec3) C:\Windows\system32\DRIVERS\MpNWMon.sys

2010/09/19 17:58:09.0158 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2010/09/19 17:58:09.0234 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2010/09/19 17:58:09.0301 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys

2010/09/19 17:58:09.0355 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2010/09/19 17:58:09.0406 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2010/09/19 17:58:09.0456 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

2010/09/19 17:58:09.0522 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

2010/09/19 17:58:09.0598 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2010/09/19 17:58:09.0663 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2010/09/19 17:58:09.0713 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

2010/09/19 17:58:09.0797 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2010/09/19 17:58:09.0886 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2010/09/19 17:58:09.0937 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2010/09/19 17:58:10.0001 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2010/09/19 17:58:10.0102 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/09/19 17:58:10.0196 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2010/09/19 17:58:10.0241 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

2010/09/19 17:58:10.0300 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2010/09/19 17:58:10.0366 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys

2010/09/19 17:58:10.0416 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys

2010/09/19 17:58:10.0469 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys

2010/09/19 17:58:10.0582 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2010/09/19 17:58:10.0664 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2010/09/19 17:58:10.0750 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2010/09/19 17:58:10.0801 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/09/19 17:58:10.0870 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/09/19 17:58:10.0920 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/09/19 17:58:10.0977 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2010/09/19 17:58:11.0040 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2010/09/19 17:58:11.0095 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2010/09/19 17:58:11.0211 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

2010/09/19 17:58:11.0275 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2010/09/19 17:58:11.0335 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2010/09/19 17:58:11.0444 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2010/09/19 17:58:11.0586 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

2010/09/19 17:58:11.0697 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

2010/09/19 17:58:11.0750 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2010/09/19 17:58:11.0812 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys

2010/09/19 17:58:11.0872 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys

2010/09/19 17:58:11.0944 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

2010/09/19 17:58:12.0013 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

2010/09/19 17:58:12.0098 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

2010/09/19 17:58:12.0167 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2010/09/19 17:58:12.0232 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

2010/09/19 17:58:12.0294 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

2010/09/19 17:58:12.0354 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

2010/09/19 17:58:12.0432 PCTINDIS5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\Windows\system32\PCTINDIS5X64.SYS

2010/09/19 17:58:12.0493 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2010/09/19 17:58:12.0557 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2010/09/19 17:58:12.0885 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2010/09/19 17:58:12.0953 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

2010/09/19 17:58:13.0062 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2010/09/19 17:58:13.0179 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

2010/09/19 17:58:13.0262 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

2010/09/19 17:58:13.0334 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2010/09/19 17:58:13.0376 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2010/09/19 17:58:13.0468 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2010/09/19 17:58:13.0548 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/09/19 17:58:13.0615 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/09/19 17:58:13.0664 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2010/09/19 17:58:13.0723 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2010/09/19 17:58:13.0779 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

2010/09/19 17:58:13.0838 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/09/19 17:58:13.0897 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2010/09/19 17:58:13.0950 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2010/09/19 17:58:13.0995 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2010/09/19 17:58:14.0061 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2010/09/19 17:58:14.0159 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

2010/09/19 17:58:14.0227 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

2010/09/19 17:58:14.0287 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys

2010/09/19 17:58:14.0391 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2010/09/19 17:58:14.0479 RSUSBSTOR (e220d85daaa8318736f9b6b92f109146) C:\Windows\system32\Drivers\RtsUStor.sys

2010/09/19 17:58:14.0611 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

2010/09/19 17:58:14.0682 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2010/09/19 17:58:14.0766 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2010/09/19 17:58:14.0843 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

2010/09/19 17:58:14.0925 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

2010/09/19 17:58:14.0983 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

2010/09/19 17:58:15.0070 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2010/09/19 17:58:15.0121 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2010/09/19 17:58:15.0174 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

2010/09/19 17:58:15.0226 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

2010/09/19 17:58:15.0293 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2010/09/19 17:58:15.0346 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

2010/09/19 17:58:15.0414 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2010/09/19 17:58:15.0515 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS

2010/09/19 17:58:15.0587 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2010/09/19 17:58:15.0770 srv (43067a65522eaec33d31a12d6fa8e3f4) C:\Windows\system32\DRIVERS\srv.sys

2010/09/19 17:58:15.0853 srv2 (03715cf9c30b563da35fc5f2b8f7b8e0) C:\Windows\system32\DRIVERS\srv2.sys

2010/09/19 17:58:15.0916 srvnet (fbd09635227a8026c0f7790f604343c6) C:\Windows\system32\DRIVERS\srvnet.sys

2010/09/19 17:58:16.0007 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

2010/09/19 17:58:16.0099 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

2010/09/19 17:58:16.0180 swmsflt (179de6936fbb0702f89535b27e311b1f) C:\Windows\System32\drivers\swmsflt.sys

2010/09/19 17:58:16.0432 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys

2010/09/19 17:58:16.0622 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys

2010/09/19 17:58:16.0765 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys

2010/09/19 17:58:16.0907 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2010/09/19 17:58:16.0979 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2010/09/19 17:58:17.0021 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2010/09/19 17:58:17.0082 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2010/09/19 17:58:17.0137 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

2010/09/19 17:58:17.0256 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2010/09/19 17:58:17.0331 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2010/09/19 17:58:17.0394 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

2010/09/19 17:58:17.0469 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

2010/09/19 17:58:17.0524 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

2010/09/19 17:58:17.0605 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

2010/09/19 17:58:17.0683 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2010/09/19 17:58:17.0737 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

2010/09/19 17:58:17.0819 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2010/09/19 17:58:17.0933 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

2010/09/19 17:58:17.0988 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys

2010/09/19 17:58:18.0073 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys

2010/09/19 17:58:18.0218 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys

2010/09/19 17:58:18.0273 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

2010/09/19 17:58:18.0336 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2010/09/19 17:58:18.0411 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

2010/09/19 17:58:18.0472 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2010/09/19 17:58:18.0525 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys

2010/09/19 17:58:18.0571 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys

2010/09/19 17:58:18.0662 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

2010/09/19 17:58:18.0735 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2010/09/19 17:58:18.0786 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2010/09/19 17:58:18.0831 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

2010/09/19 17:58:18.0876 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

2010/09/19 17:58:18.0928 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

2010/09/19 17:58:19.0008 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2010/09/19 17:58:19.0069 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

2010/09/19 17:58:19.0125 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

2010/09/19 17:58:19.0196 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

2010/09/19 17:58:19.0273 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

2010/09/19 17:58:19.0344 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

2010/09/19 17:58:19.0410 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

2010/09/19 17:58:19.0477 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/19 17:58:19.0524 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/19 17:58:19.0625 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

2010/09/19 17:58:19.0692 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2010/09/19 17:58:19.0844 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2010/09/19 17:58:19.0898 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2010/09/19 17:58:20.0069 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

2010/09/19 17:58:20.0184 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2010/09/19 17:58:20.0294 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2010/09/19 17:58:20.0366 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2010/09/19 17:58:20.0542 ================================================================================

2010/09/19 17:58:20.0542 Scan finished

2010/09/19 17:58:20.0542 ================================================================================

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4475

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

9/19/2010 6:46:35 PM

mbam-log-2010-09-19 (18-46-35).txt

Scan type: Quick scan

Objects scanned: 142035

Time elapsed: 6 minute(s), 55 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.