Jump to content

Quinnee

Members
  • Posts

    16
  • Joined

  • Last visited

Reputation

0 Neutral

About Quinnee

  • Birthday 06/13/1994

Profile Information

  • Location
    Texas
  1. I will do this, thanks again for all the help. I am glad to know it's safe and how to keep it that way!
  2. I updated windows like you asked. Here's the ESET scan results C:\Program Files (x86)\TalismanOnline\client.exe probably a variant of Win32/Packed.Themida application cleaned by deleting - quarantined C:\Users\Deb\Downloads\TalismanOnline_1626_Setup.exe probably a variant of Win32/Packed.Themida application deleted - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Users\Deb\AppData\Local\10727299.exe a variant of Win32/Kryptik.HNQ trojan cleaned by deleting - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Users\Deb\AppData\Local\Temp\Gt0.exe a variant of Win32/Kryptik.HMZ trojan cleaned by deleting - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Users\Deb\AppData\Local\Temp\Gt1.exe a variant of Win32/Kryptik.HNB trojan cleaned by deleting - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Windows\Gmupoa.exe a variant of Win32/Kryptik.HMZ trojan cleaned by deleting - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Windows\Gmupob.exe a variant of Win32/Kryptik.HMZ trojan cleaned by deleting - quarantined C:\_OTL\MovedFiles\10192010_143255\C_Windows\Gmupoc.exe a variant of Win32/Kryptik.HMZ trojan cleaned by deleting - quarantined
  3. Thank you so much, glad you could help!
  4. It seems to be doing great! I've scanned with Malwarebytes. Here's the results- Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 3970 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18975 10/19/2010 3:59:04 PM mbam-log-2010-10-19 (15-59-04).txt Scan type: Quick scan Objects scanned: 114122 Time elapsed: 4 minute(s), 6 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Users\Deb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
  5. All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KOO9RV9K4Z deleted successfully. C:\Users\Deb\AppData\Local\Temp\Gt1.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SMH2B46TDP deleted successfully. C:\Users\Deb\AppData\Local\Temp\Gt0.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\10727299 deleted successfully. C:\Users\Deb\AppData\Local\10727299.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. C:\Windows\Gmupoc.exe moved successfully. C:\Windows\Gmupob.exe moved successfully. C:\Windows\Gmupoa.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Deb ->Temp folder emptied: 1502852427 bytes ->Temporary Internet Files folder emptied: 115296511 bytes ->Java cache emptied: 46992331 bytes ->FireFox cache emptied: 42282761 bytes ->Google Chrome cache emptied: 274396794 bytes ->Opera cache emptied: 10726363 bytes ->Flash cache emptied: 2474918 bytes User: Debbie ->Temp folder emptied: 83337 bytes ->Temporary Internet Files folder emptied: 1401700 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 37165709 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7319701 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 18355404 bytes Total Files Cleaned = 1,964.00 mb OTL by OldTimer - Version 3.2.15.2 log created on 10192010_143255 Files\Folders moved on Reboot... C:\Users\Deb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNCRFH85\index[1].php moved successfully. C:\Users\Deb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W7YCED2F\iframe[1].htm moved successfully. C:\Users\Deb\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WWVLBJQD\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TM43LG16\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5C9ZXTVX\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\202S6S0U\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot. Registry entries deleted on Reboot...
  6. ========== Files Created - No Company Name ========== [2010/10/19 10:10:15 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys [2010/10/18 23:08:43 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/10/18 23:07:51 | 001,193,472 | ---- | C] () -- C:\Users\Deb\AppData\Local\10727299.exe [2010/10/14 09:51:56 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll [2010/10/13 14:08:08 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll [2010/10/13 14:08:02 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll [2010/10/13 14:08:00 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll [2010/10/13 14:07:57 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010/10/13 14:07:47 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll [2010/10/13 14:07:33 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL [2010/10/13 14:07:22 | 009,257,472 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010/10/13 14:07:20 | 012,474,368 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010/10/13 14:07:16 | 001,486,848 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010/10/13 14:07:16 | 000,710,656 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010/10/13 14:07:16 | 000,479,232 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010/10/13 14:07:15 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010/10/13 14:07:14 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010/10/13 14:07:14 | 000,056,832 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll [2010/10/13 14:07:12 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010/10/13 14:07:12 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl [2010/10/13 14:07:12 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010/10/13 14:07:12 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010/10/13 14:07:12 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010/10/13 14:07:12 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010/10/13 14:07:12 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll [2010/10/13 14:07:12 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll [2010/10/13 14:07:12 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll [2010/10/13 14:07:12 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll [2010/10/13 14:07:12 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010/10/13 14:07:11 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010/10/13 14:07:11 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll [2010/10/13 14:07:10 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010/10/13 14:07:10 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe [2010/10/13 14:07:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe [2010/10/13 14:07:04 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys [2010/10/13 14:07:04 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll [2010/10/13 14:07:04 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys [2010/10/13 14:07:04 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys [2010/10/13 14:07:04 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll [2010/10/13 14:07:04 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll [2010/10/13 14:07:00 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll [2010/10/13 14:06:59 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll [2010/10/13 09:47:11 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/10/03 15:25:49 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Desktop\LimeWire 5.5.16.lnk [2010/09/28 13:43:04 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll [2010/09/22 21:10:10 | 000,334,432 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI57F9.txt [2010/09/22 21:10:10 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI57F9.txt [2010/09/21 18:54:00 | 000,005,245 | ---- | C] () -- C:\Users\Deb\.recently-used.xbel [2010/09/17 13:30:23 | 000,020,958 | ---- | C] () -- C:\Users\Deb\Desktop\Shampoochart3.xlsx [2010/09/16 20:21:19 | 000,010,816 | ---- | C] () -- C:\Users\Deb\Desktop\psychchart2.xlsx [2010/09/16 19:49:16 | 000,010,495 | ---- | C] () -- C:\Users\Deb\Desktop\Piechart1.xlsx [2010/09/15 15:51:05 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL [2010/09/15 15:51:04 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll [2010/09/15 15:50:59 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe [2010/09/15 15:50:57 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll [2010/09/09 16:29:14 | 000,332,902 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI0939.txt [2010/09/09 16:29:14 | 000,011,118 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI0939.txt [2010/09/02 19:42:09 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire 5.5.14.lnk [2010/09/01 11:29:02 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk [2010/08/23 15:18:10 | 000,335,566 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI228F.txt [2010/08/23 15:18:09 | 000,011,230 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI228F.txt [2010/08/19 12:41:13 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll [2010/08/19 12:06:26 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\wsepno.dll [2010/08/19 12:06:26 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msshooks.dll [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,080,896 | ---- | C] () -- C:\Windows\SysNative\propdefs.dll [2010/08/19 12:06:25 | 000,067,072 | ---- | C] () -- C:\Windows\SysNative\xmlfilter.dll [2010/08/19 12:06:25 | 000,044,544 | ---- | C] () -- C:\Windows\SysNative\msscb.dll [2010/08/19 12:06:25 | 000,043,008 | ---- | C] () -- C:\Windows\SysNative\rtffilt.dll [2010/08/19 12:06:25 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\mimefilt.dll [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:23 | 001,676,800 | ---- | C] () -- C:\Windows\SysNative\chsbrkr.dll [2010/08/19 12:06:23 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\mssitlb.dll [2010/08/19 12:06:23 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\mssprxy.dll [2010/08/19 12:06:22 | 000,921,088 | ---- | C] () -- C:\Windows\SysNative\propsys.dll [2010/08/19 12:06:22 | 000,347,648 | ---- | C] () -- C:\Windows\SysNative\srchadmin.dll [2010/08/19 12:06:22 | 000,317,440 | ---- | C] () -- C:\Windows\SysNative\thawbrkr.dll [2010/08/19 12:06:22 | 000,280,064 | ---- | C] () -- C:\Windows\SysNative\offfilt.dll [2010/08/19 12:06:22 | 000,181,248 | ---- | C] () -- C:\Windows\SysNative\nlhtml.dll [2010/08/19 12:06:22 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.dll [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex [2010/08/19 12:06:21 | 006,100,480 | ---- | C] () -- C:\Windows\SysNative\chtbrkr.dll [2010/08/19 12:06:21 | 000,796,672 | ---- | C] () -- C:\Windows\SysNative\mssvp.dll [2010/08/19 12:06:21 | 000,498,176 | ---- | C] () -- C:\Windows\SysNative\mssph.dll [2010/08/19 12:06:21 | 000,312,832 | ---- | C] () -- C:\Windows\SysNative\mssphtb.dll [2010/08/19 12:06:21 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\SearchProtocolHost.exe [2010/08/19 12:06:21 | 000,112,128 | ---- | C] () -- C:\Windows\SysNative\SearchFilterHost.exe [2010/08/19 12:06:21 | 000,078,848 | ---- | C] () -- C:\Windows\SysNative\msstrc.dll [2010/08/19 12:06:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysNative\msscntrs.dll [2010/08/19 12:06:20 | 002,209,792 | ---- | C] () -- C:\Windows\SysNative\tquery.dll [2010/08/19 12:06:20 | 002,176,512 | ---- | C] () -- C:\Windows\SysNative\mssrch.dll [2010/08/19 12:06:20 | 000,598,016 | ---- | C] () -- C:\Windows\SysNative\SearchIndexer.exe [2010/08/19 11:42:26 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll [2010/08/19 11:42:23 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys [2010/08/19 11:42:23 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll [2010/08/19 11:30:00 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax [2010/08/19 11:30:00 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax [2010/08/19 11:29:57 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll [2010/08/19 11:29:56 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll [2010/08/19 11:29:56 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax [2010/08/19 11:27:35 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll [2010/08/19 11:27:35 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll [2010/08/19 11:27:35 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe [2010/08/19 11:27:35 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll [2010/08/19 11:27:35 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll [2010/08/18 19:29:55 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll [2010/08/18 19:29:55 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll [2010/08/18 19:29:36 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe [2010/08/18 19:28:43 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2010/08/18 19:28:40 | 001,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll [2010/08/18 19:28:32 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll [2010/08/18 19:28:32 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll [2010/08/18 19:28:32 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll [2010/08/18 19:28:31 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll [2010/08/18 19:28:31 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll [2010/08/18 19:28:31 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll [2010/08/18 19:28:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll [2010/08/18 19:28:31 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll [2010/08/18 19:28:30 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll [2010/08/18 19:27:57 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll [2010/08/18 19:27:44 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2010/08/18 19:27:42 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010/08/18 19:27:30 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2010/08/18 19:27:30 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll [2010/08/18 19:27:30 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2010/08/18 19:27:22 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL [2010/08/18 19:27:20 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll [2010/08/18 19:27:13 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll [2010/08/18 19:26:55 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll [2010/08/18 19:26:52 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll [2010/08/18 19:26:39 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010/08/18 19:26:39 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010/08/18 19:26:39 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010/08/18 19:26:33 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010/08/18 19:26:32 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll [2010/08/18 19:26:13 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010/08/18 19:26:10 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll [2010/08/18 19:26:01 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll [2010/08/18 19:25:57 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl [2010/08/18 19:25:52 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe [2010/08/18 19:25:52 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe [2010/08/18 19:25:51 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2010/08/18 19:25:51 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe [2010/08/18 19:25:50 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll [2010/08/18 19:25:50 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll [2010/08/18 19:25:50 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll [2010/08/18 19:25:50 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll [2010/08/18 19:25:50 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll [2010/08/18 19:24:51 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL [2010/08/18 19:24:50 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll [2010/08/18 19:24:43 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll [2010/08/18 19:24:43 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll [2010/08/18 19:24:42 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll [2010/08/18 19:24:41 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys [2010/08/18 19:24:40 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll [2010/08/18 19:24:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe [2010/08/18 19:24:38 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll [2010/08/18 19:24:13 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll [2010/08/18 19:24:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE [2010/08/18 19:24:13 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE [2010/08/18 19:24:13 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE [2010/08/18 19:24:12 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE [2010/08/18 19:24:12 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe [2010/08/18 19:24:12 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE [2010/08/18 19:24:12 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE [2010/08/18 19:23:34 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll [2010/08/18 19:23:30 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll [2010/08/18 19:23:26 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll [2010/08/18 19:23:23 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll [2010/08/18 19:23:21 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010/08/18 19:22:25 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010/08/18 19:04:10 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010/08/18 19:03:57 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll [2010/08/18 19:03:55 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll [2010/08/18 19:03:54 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb [2010/08/18 19:03:53 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb [2010/08/18 19:03:09 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll [2010/08/18 19:03:08 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll [2010/08/18 19:02:52 | 000,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll [2010/08/18 19:02:48 | 000,386,560 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll [2010/08/18 19:02:47 | 000,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll [2010/08/18 19:02:29 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2010/08/18 19:02:28 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll [2010/08/18 19:02:28 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll [2010/08/18 19:02:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll [2010/08/18 19:02:27 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll [2010/08/18 19:02:27 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll [2010/08/18 19:02:27 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll [2010/08/17 16:00:59 | 000,235,520 | ---- | C] () -- C:\Windows\SysNative\CNMLM82.DLL [2010/08/03 21:47:00 | 453,231,341 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/07/27 20:40:54 | 000,001,558 | ---- | C] () -- C:\Users\Deb\Desktop\LastChaos.lnk [2010/07/02 16:08:08 | 000,334,802 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI69E3.txt [2010/07/02 16:08:07 | 000,011,198 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI69E3.txt [2010/06/02 15:20:09 | 000,005,120 | ---- | C] () -- C:\Users\Deb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/24 15:39:15 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/05/10 16:30:38 | 000,335,192 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI4E12.txt [2010/05/10 16:30:38 | 000,011,214 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI4E12.txt [2010/05/01 10:13:38 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2010/04/26 11:43:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/04/23 09:39:09 | 000,334,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI62DF.txt [2010/04/23 09:39:09 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI62DF.txt [2010/04/08 22:44:55 | 000,010,562 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2848.txt [2010/04/08 22:44:54 | 000,424,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI2845.txt [2010/04/08 22:44:54 | 000,011,390 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2845.txt [2009/06/01 22:19:36 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009/05/28 13:27:18 | 000,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys [2009/04/23 06:14:31 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini [2009/04/23 06:14:31 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll [2009/04/23 06:14:31 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini [2008/09/15 19:14:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008/09/15 19:11:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll [2008/08/18 13:37:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008/08/18 13:23:51 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2008/08/18 13:23:51 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2008/08/18 13:23:51 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2008/08/18 13:23:51 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2010/02/17 18:32:53 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Ambient Design [2010/10/16 22:02:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\BitTorrent [2010/05/24 15:40:39 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Bytemobile [2009/06/01 19:39:41 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/10/19 12:34:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\DNA [2010/07/31 15:18:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\GetRightToGo [2010/09/21 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\gtk-2.0 [2009/11/26 19:17:43 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\ijjigame [2010/10/18 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\LimeWire [2010/03/25 21:39:17 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Opera [2010/03/10 11:29:40 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\PhotoFiltre [2010/10/17 23:25:06 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Raptr [2010/05/24 15:39:03 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Sierra Wireless [2009/12/02 10:12:05 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\SiteRanker [2010/08/22 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Toshiba [2010/09/22 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Vivox [2010/10/19 12:33:12 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/10/19 12:38:00 | 000,000,278 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >
  7. OTL logfile created on: 10/19/2010 12:38:56 PM - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Deb\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 139.51 Gb Total Space | 33.80 Gb Free Space | 24.23% Space Free | Partition Type: NTFS Computer Name: DEB-PC | User Name: Deb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - [2010/10/19 12:36:56 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTH(2).scr PRC - [2010/10/19 12:36:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTL.scr PRC - [2010/01/11 14:10:52 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe PRC - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe ========== Modules (SafeList) ========== MOD - [2010/10/19 12:36:54 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Deb\Downloads\OTL.scr MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc) SRV:64bit: - [2008/04/24 20:57:40 | 000,084,992 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv) SRV:64bit: - [2008/02/06 15:50:18 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV:64bit: - [2008/01/20 21:50:24 | 000,027,648 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (usprserv) SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2007/12/11 13:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio) SRV:64bit: - [2007/12/03 19:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV:64bit: - [2007/11/21 18:53:16 | 000,135,168 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) SRV - [2010/09/22 21:08:00 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai) SRV - [2010/06/08 16:48:26 | 000,120,128 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe -- (SprintRcAppSvc) SRV - [2010/06/08 16:45:24 | 000,124,224 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe -- (CASprint) SRV - [2010/04/26 16:15:00 | 003,826,032 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/11 14:10:52 | 000,082,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService) SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\atashost.exe -- (atashost) SRV - [2008/08/04 16:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2008/07/27 13:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/07/18 22:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/04/17 02:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008/04/16 17:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Jumpstart\jswpsapi.exe -- (jswpsapi) SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2008/04/03 23:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service) SRV - [2006/08/23 18:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp) DRV:64bit: - [2010/06/08 16:35:46 | 000,255,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI) DRV:64bit: - [2010/06/08 16:30:34 | 000,043,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PCTINDIS5X64.SYS -- (PCTINDIS5X64) DRV:64bit: - [2010/02/11 21:04:38 | 000,359,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\drxvi314_64.sys -- (bcm) DRV:64bit: - [2010/02/11 21:02:54 | 000,062,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BcmBusCtr_64.sys -- (bcmbusctr) DRV:64bit: - [2009/03/31 11:57:22 | 000,041,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\PCASp50a64.sys -- (PCASp50a64) DRV:64bit: - [2008/07/28 17:55:28 | 001,146,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr) DRV:64bit: - [2008/07/18 20:52:16 | 000,504,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64) DRV:64bit: - [2008/06/12 20:51:36 | 007,911,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx) DRV:64bit: - [2008/05/29 14:53:26 | 000,133,120 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\cm_net.sys -- (cm_net) DRV:64bit: - [2008/05/29 14:53:26 | 000,118,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\cm_ser.sys -- (cm_ser) DRV:64bit: - [2008/04/28 18:59:26 | 000,026,624 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF) DRV:64bit: - [2008/04/15 19:54:16 | 000,388,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor) DRV:64bit: - [2008/04/15 12:05:42 | 000,161,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2008/04/02 19:27:18 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR) DRV:64bit: - [2008/02/29 16:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2007/12/20 18:10:50 | 000,028,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR) DRV:64bit: - [2007/12/11 16:03:36 | 000,027,272 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2007/12/06 20:12:56 | 000,320,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2007/11/09 16:00:30 | 000,026,968 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2006/11/20 00:11:06 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk) DRV:64bit: - [2006/11/09 01:34:00 | 000,237,568 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10n64.sys -- (KR10N64) DRV:64bit: - [2006/11/09 01:33:00 | 000,248,320 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10i64.sys -- (KR10I64) DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs) DRV - [2010/10/19 10:14:14 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\Normandy.sys -- (Normandy) DRV - [2010/01/11 14:11:46 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PCASp50a64.sys -- (PCASp50a64) DRV - [2007/10/15 16:36:07 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2007/10/15 16:36:07 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2005/01/03 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?br...B&bmod=TSHB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=VE3D01&q=" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.bing.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/10 19:29:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/13 09:47:11 | 000,000,000 | ---D | M] [2010/09/22 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions [2010/09/22 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com [2010/02/16 11:31:35 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/10/18 23:34:33 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions [2010/08/28 16:55:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2010/09/14 12:03:34 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/08/28 16:55:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/01 21:35:35 | 000,001,820 | ---- | M] () -- C:\Users\Deb\AppData\Roaming\Mozilla\Firefox\Profiles\mgr9egbp.default\searchplugins\bing.xml [2010/10/17 23:07:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/06/16 21:16:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/08/20 19:42:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/17 23:07:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/01/13 17:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe () O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe () O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [cfFncEnabler.exe] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\Jumpstart\jswtrayutil.exe File not found O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [RDVCHG] C:\Program Files (x86)\Sprint\Sprint SmartView\RDVCHG.exe (C-motech Co.,Ltd) O4 - HKLM..\Run: [sprint SmartView] C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe (Sprint) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found O4 - HKCU..\Run: [bitTorrent DNA] C:\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [DW6] C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe File not found O4 - HKCU..\Run: [KOO9RV9K4Z] C:\Users\Deb\AppData\Local\Temp\Gt1.exe (Trend Micro Inc.) O4 - HKCU..\Run: [sMH2B46TDP] C:\Users\Deb\AppData\Local\Temp\Gt0.exe (Trend Micro Inc.) O4 - HKCU..\Run: [TOSCDSPD] File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - HKCU..\RunOnce: [10727299] C:\Users\Deb\AppData\Local\10727299.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAEAFE12-7726-4C39-B620-2601216CFBB5} http://phughescw.hughes.motive.com/wizlet/.../Mcci_6-1-0.cab (McciContext Class) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab (PopCapLoader Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll () O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{40507e3e-aa37-11df-92dd-8ef50315eb1f}\Shell - "" = AutoRun O33 - MountPoints2\{40507e3e-aa37-11df-92dd-8ef50315eb1f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 90 Days ========== [2010/10/19 12:34:51 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupoc.exe [2010/10/19 11:10:52 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupob.exe [2010/10/19 10:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DNA [2010/10/19 10:03:10 | 000,196,608 | ---- | C] (Trend Micro Inc.) -- C:\Windows\Gmupoa.exe [2010/10/16 20:55:00 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Deb [2010/10/15 17:24:35 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\2010-10-15 [2010/10/15 16:23:13 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Moi [2010/10/09 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\embalming [2010/10/09 20:35:03 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Abandoned [2010/10/09 18:47:35 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Devices [2010/10/07 17:47:24 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\miscfb [2010/10/07 16:21:56 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Specimens [2010/10/07 16:02:07 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\taxidermy [2010/10/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Raptr [2010/10/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2010/09/22 17:35:57 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Vivox [2010/09/08 11:25:40 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\vSide [2010/09/03 22:52:59 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\DivX [2010/09/02 19:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010/09/01 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Local\IsolatedStorage [2010/09/01 11:28:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Earth 3D [2010/08/22 13:27:15 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\Toshiba [2010/08/22 12:27:54 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\tempmovie [2010/08/20 19:37:04 | 000,000,000 | ---D | C] -- C:\Users\Deb\AppData\Roaming\LimeWire [2010/08/19 19:04:48 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\limewiremusic [2010/08/18 11:54:05 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\Temporary Downloaded Files [2010/08/18 10:21:27 | 000,000,000 | ---D | C] -- C:\Windows\SQLTools9_KB970892_ENU [2010/08/18 10:19:19 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU [2010/08/17 16:02:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2010/08/17 15:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2010/08/03 21:48:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/07/24 21:48:24 | 000,000,000 | ---D | C] -- C:\Users\Deb\Desktop\subha [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010/10/19 12:38:00 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/10/19 12:34:26 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/10/19 12:34:26 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/10/19 12:34:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/10/19 12:34:14 | 4156,551,168 | -HS- | M] () -- C:\hiberfil.sys [2010/10/19 12:30:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-389025536-2933004900-1149884802-1000UA.job [2010/10/19 10:30:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-389025536-2933004900-1149884802-1000Core.job [2010/10/19 10:14:14 | 000,034,560 | ---- | M] () -- C:\Windows\SysWow64\drivers\Normandy.sys [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupoc.exe [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupob.exe [2010/10/18 23:08:40 | 000,196,608 | ---- | M] (Trend Micro Inc.) -- C:\Windows\Gmupoa.exe [2010/10/18 23:07:51 | 001,193,472 | ---- | M] () -- C:\Users\Deb\AppData\Local\10727299.exe [2010/10/15 17:29:47 | 000,005,120 | ---- | M] () -- C:\Users\Deb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/15 17:26:02 | 000,769,072 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/10/15 17:26:02 | 000,651,210 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/10/15 17:26:02 | 000,121,692 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/10/15 09:54:59 | 000,406,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/10/13 09:47:11 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/10/09 23:23:50 | 000,001,558 | ---- | M] () -- C:\Users\Deb\Desktop\LastChaos.lnk [2010/10/03 15:25:49 | 000,001,727 | ---- | M] () -- C:\Users\Deb\Desktop\LimeWire 5.5.16.lnk [2010/09/23 19:25:36 | 000,002,043 | ---- | M] () -- C:\Users\Deb\Desktop\Google Chrome.lnk [2010/09/23 19:25:36 | 000,002,005 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2010/09/21 18:54:00 | 000,005,245 | ---- | M] () -- C:\Users\Deb\.recently-used.xbel [2010/09/20 12:16:09 | 000,010,816 | ---- | M] () -- C:\Users\Deb\Desktop\psychchart2.xlsx [2010/09/20 07:14:32 | 000,316,416 | ---- | M] () -- C:\Windows\SysNative\msshsq.dll [2010/09/17 13:30:24 | 000,020,958 | ---- | M] () -- C:\Users\Deb\Desktop\Shampoochart3.xlsx [2010/09/16 19:54:01 | 000,010,495 | ---- | M] () -- C:\Users\Deb\Desktop\Piechart1.xlsx [2010/09/10 12:30:57 | 013,425,152 | ---- | M] () -- C:\Windows\SysNative\wmp.dll [2010/09/10 10:52:05 | 008,147,968 | ---- | M] () -- C:\Windows\SysNative\wmploc.DLL [2010/09/08 01:39:23 | 000,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll [2010/09/08 01:37:26 | 000,096,768 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll [2010/09/08 01:37:23 | 000,710,656 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll [2010/09/08 01:36:53 | 000,056,832 | ---- | M] () -- C:\Windows\SysNative\licmgr10.dll [2010/09/08 01:36:38 | 001,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl [2010/09/08 01:36:24 | 000,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll [2010/09/08 01:36:24 | 000,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll [2010/09/08 01:36:23 | 000,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll [2010/09/08 01:36:23 | 000,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll [2010/09/08 01:36:23 | 000,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll [2010/09/08 00:36:07 | 000,479,232 | ---- | M] () -- C:\Windows\SysNative\html.iec [2010/09/07 23:51:18 | 000,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe [2010/09/07 23:51:01 | 000,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe [2010/09/07 23:50:15 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe [2010/09/06 10:59:19 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\sscore.dll [2010/09/06 10:57:48 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\netevent.dll [2010/09/02 19:42:09 | 000,001,727 | ---- | M] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire 5.5.14.lnk [2010/09/01 11:29:02 | 000,001,921 | ---- | M] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk [2010/08/31 10:21:34 | 000,633,856 | ---- | M] () -- C:\Windows\SysNative\comctl32.dll [2010/08/26 11:27:46 | 000,189,952 | ---- | M] () -- C:\Windows\SysNative\t2embed.dll [2010/08/20 10:56:01 | 001,090,048 | ---- | M] () -- C:\Windows\SysNative\wmpmde.dll [2010/08/19 11:19:39 | 000,709,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/08/03 21:48:17 | 453,231,341 | ---- | M] () -- C:\Windows\MEMORY.DMP [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/10/19 10:10:15 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys [2010/10/18 23:08:43 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010/10/18 23:07:51 | 001,193,472 | ---- | C] () -- C:\Users\Deb\AppData\Local\10727299.exe [2010/10/14 09:51:56 | 000,316,416 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll [2010/10/13 14:08:08 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll [2010/10/13 14:08:02 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll [2010/10/13 14:08:00 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll [2010/10/13 14:07:57 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2010/10/13 14:07:47 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll [2010/10/13 14:07:33 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL [2010/10/13 14:07:22 | 009,257,472 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010/10/13 14:07:20 | 012,474,368 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010/10/13 14:07:16 | 001,486,848 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010/10/13 14:07:16 | 000,710,656 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010/10/13 14:07:16 | 000,479,232 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010/10/13 14:07:15 | 001,147,904 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010/10/13 14:07:14 | 000,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010/10/13 14:07:14 | 000,056,832 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll [2010/10/13 14:07:12 | 002,335,744 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010/10/13 14:07:12 | 001,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl [2010/10/13 14:07:12 | 001,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010/10/13 14:07:12 | 000,459,776 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010/10/13 14:07:12 | 000,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010/10/13 14:07:12 | 000,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010/10/13 14:07:12 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll [2010/10/13 14:07:12 | 000,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll [2010/10/13 14:07:12 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll [2010/10/13 14:07:12 | 000,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll [2010/10/13 14:07:12 | 000,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010/10/13 14:07:11 | 000,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010/10/13 14:07:11 | 000,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll [2010/10/13 14:07:10 | 001,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010/10/13 14:07:10 | 000,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe [2010/10/13 14:07:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe [2010/10/13 14:07:04 | 000,461,824 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys [2010/10/13 14:07:04 | 000,179,712 | ---- | C] () -- C:\Windows\SysNative\srvsvc.dll [2010/10/13 14:07:04 | 000,175,104 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys [2010/10/13 14:07:04 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys [2010/10/13 14:07:04 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll [2010/10/13 14:07:04 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\sscore.dll [2010/10/13 14:07:00 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll [2010/10/13 14:06:59 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll [2010/10/13 09:47:11 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/10/03 15:25:49 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Desktop\LimeWire 5.5.16.lnk [2010/09/28 13:43:04 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll [2010/09/22 21:10:10 | 000,334,432 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI57F9.txt [2010/09/22 21:10:10 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI57F9.txt [2010/09/21 18:54:00 | 000,005,245 | ---- | C] () -- C:\Users\Deb\.recently-used.xbel [2010/09/17 13:30:23 | 000,020,958 | ---- | C] () -- C:\Users\Deb\Desktop\Shampoochart3.xlsx [2010/09/16 20:21:19 | 000,010,816 | ---- | C] () -- C:\Users\Deb\Desktop\psychchart2.xlsx [2010/09/16 19:49:16 | 000,010,495 | ---- | C] () -- C:\Users\Deb\Desktop\Piechart1.xlsx [2010/09/15 15:51:05 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL [2010/09/15 15:51:04 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll [2010/09/15 15:50:59 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe [2010/09/15 15:50:57 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll [2010/09/09 16:29:14 | 000,332,902 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI0939.txt [2010/09/09 16:29:14 | 000,011,118 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI0939.txt [2010/09/02 19:42:09 | 000,001,727 | ---- | C] () -- C:\Users\Deb\Application Data\Microsoft\Internet Explorer\Quick Launch\LimeWire 5.5.14.lnk [2010/09/01 11:29:02 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk [2010/08/23 15:18:10 | 000,335,566 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI228F.txt [2010/08/23 15:18:09 | 000,011,230 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI228F.txt [2010/08/19 12:41:13 | 000,442,368 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll [2010/08/19 12:06:26 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\wsepno.dll [2010/08/19 12:06:26 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msshooks.dll [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,106,605 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin [2010/08/19 12:06:25 | 000,080,896 | ---- | C] () -- C:\Windows\SysNative\propdefs.dll [2010/08/19 12:06:25 | 000,067,072 | ---- | C] () -- C:\Windows\SysNative\xmlfilter.dll [2010/08/19 12:06:25 | 000,044,544 | ---- | C] () -- C:\Windows\SysNative\msscb.dll [2010/08/19 12:06:25 | 000,043,008 | ---- | C] () -- C:\Windows\SysNative\rtffilt.dll [2010/08/19 12:06:25 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\mimefilt.dll [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin [2010/08/19 12:06:23 | 001,676,800 | ---- | C] () -- C:\Windows\SysNative\chsbrkr.dll [2010/08/19 12:06:23 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\mssitlb.dll [2010/08/19 12:06:23 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\mssprxy.dll [2010/08/19 12:06:22 | 000,921,088 | ---- | C] () -- C:\Windows\SysNative\propsys.dll [2010/08/19 12:06:22 | 000,347,648 | ---- | C] () -- C:\Windows\SysNative\srchadmin.dll [2010/08/19 12:06:22 | 000,317,440 | ---- | C] () -- C:\Windows\SysNative\thawbrkr.dll [2010/08/19 12:06:22 | 000,280,064 | ---- | C] () -- C:\Windows\SysNative\offfilt.dll [2010/08/19 12:06:22 | 000,181,248 | ---- | C] () -- C:\Windows\SysNative\nlhtml.dll [2010/08/19 12:06:22 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.dll [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex [2010/08/19 12:06:21 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex [2010/08/19 12:06:21 | 006,100,480 | ---- | C] () -- C:\Windows\SysNative\chtbrkr.dll [2010/08/19 12:06:21 | 000,796,672 | ---- | C] () -- C:\Windows\SysNative\mssvp.dll [2010/08/19 12:06:21 | 000,498,176 | ---- | C] () -- C:\Windows\SysNative\mssph.dll [2010/08/19 12:06:21 | 000,312,832 | ---- | C] () -- C:\Windows\SysNative\mssphtb.dll [2010/08/19 12:06:21 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\SearchProtocolHost.exe [2010/08/19 12:06:21 | 000,112,128 | ---- | C] () -- C:\Windows\SysNative\SearchFilterHost.exe [2010/08/19 12:06:21 | 000,078,848 | ---- | C] () -- C:\Windows\SysNative\msstrc.dll [2010/08/19 12:06:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysNative\msscntrs.dll [2010/08/19 12:06:20 | 002,209,792 | ---- | C] () -- C:\Windows\SysNative\tquery.dll [2010/08/19 12:06:20 | 002,176,512 | ---- | C] () -- C:\Windows\SysNative\mssrch.dll [2010/08/19 12:06:20 | 000,598,016 | ---- | C] () -- C:\Windows\SysNative\SearchIndexer.exe [2010/08/19 11:42:26 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll [2010/08/19 11:42:23 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys [2010/08/19 11:42:23 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll [2010/08/19 11:30:00 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax [2010/08/19 11:30:00 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax [2010/08/19 11:29:57 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll [2010/08/19 11:29:56 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll [2010/08/19 11:29:56 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax [2010/08/19 11:27:35 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll [2010/08/19 11:27:35 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll [2010/08/19 11:27:35 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe [2010/08/19 11:27:35 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll [2010/08/19 11:27:35 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll [2010/08/18 19:29:55 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll [2010/08/18 19:29:55 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll [2010/08/18 19:29:36 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe [2010/08/18 19:28:43 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2010/08/18 19:28:40 | 001,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll [2010/08/18 19:28:32 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll [2010/08/18 19:28:32 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll [2010/08/18 19:28:32 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll [2010/08/18 19:28:31 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll [2010/08/18 19:28:31 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll [2010/08/18 19:28:31 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll [2010/08/18 19:28:31 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll [2010/08/18 19:28:31 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll [2010/08/18 19:28:30 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll [2010/08/18 19:27:57 | 000,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll [2010/08/18 19:27:44 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll [2010/08/18 19:27:42 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2010/08/18 19:27:30 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll [2010/08/18 19:27:30 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll [2010/08/18 19:27:30 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll [2010/08/18 19:27:22 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL [2010/08/18 19:27:20 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll [2010/08/18 19:27:13 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll [2010/08/18 19:26:55 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll [2010/08/18 19:26:52 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll [2010/08/18 19:26:39 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010/08/18 19:26:39 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010/08/18 19:26:39 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010/08/18 19:26:33 | 000,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010/08/18 19:26:32 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll [2010/08/18 19:26:13 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010/08/18 19:26:10 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll [2010/08/18 19:26:01 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll [2010/08/18 19:25:57 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl [2010/08/18 19:25:52 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe [2010/08/18 19:25:52 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe [2010/08/18 19:25:51 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2010/08/18 19:25:51 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe [2010/08/18 19:25:50 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll [2010/08/18 19:25:50 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll [2010/08/18 19:25:50 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll [2010/08/18 19:25:50 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll [2010/08/18 19:25:50 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll [2010/08/18 19:24:51 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL [2010/08/18 19:24:50 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll [2010/08/18 19:24:43 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll [2010/08/18 19:24:43 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll [2010/08/18 19:24:42 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll [2010/08/18 19:24:41 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys [2010/08/18 19:24:40 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll [2010/08/18 19:24:40 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe [2010/08/18 19:24:38 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll [2010/08/18 19:24:13 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll [2010/08/18 19:24:13 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE [2010/08/18 19:24:13 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE [2010/08/18 19:24:13 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE [2010/08/18 19:24:12 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE [2010/08/18 19:24:12 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe [2010/08/18 19:24:12 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE [2010/08/18 19:24:12 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE [2010/08/18 19:23:34 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll [2010/08/18 19:23:30 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll [2010/08/18 19:23:26 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll [2010/08/18 19:23:23 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll [2010/08/18 19:23:21 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010/08/18 19:22:25 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010/08/18 19:04:10 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010/08/18 19:03:57 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll [2010/08/18 19:03:55 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx [2010/08/18 19:03:55 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll [2010/08/18 19:03:54 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb [2010/08/18 19:03:53 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb [2010/08/18 19:03:09 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll [2010/08/18 19:03:08 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll [2010/08/18 19:02:52 | 000,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll [2010/08/18 19:02:48 | 000,386,560 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll [2010/08/18 19:02:47 | 000,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll [2010/08/18 19:02:29 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2010/08/18 19:02:28 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll [2010/08/18 19:02:28 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll [2010/08/18 19:02:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll [2010/08/18 19:02:27 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll [2010/08/18 19:02:27 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll [2010/08/18 19:02:27 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll [2010/08/17 16:00:59 | 000,235,520 | ---- | C] () -- C:\Windows\SysNative\CNMLM82.DLL [2010/08/03 21:47:00 | 453,231,341 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/07/27 20:40:54 | 000,001,558 | ---- | C] () -- C:\Users\Deb\Desktop\LastChaos.lnk [2010/07/02 16:08:08 | 000,334,802 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI69E3.txt [2010/07/02 16:08:07 | 000,011,198 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI69E3.txt [2010/06/02 15:20:09 | 000,005,120 | ---- | C] () -- C:\Users\Deb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/24 15:39:15 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/05/10 16:30:38 | 000,335,192 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI4E12.txt [2010/05/10 16:30:38 | 000,011,214 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI4E12.txt [2010/05/01 10:13:38 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2010/04/26 11:43:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/04/23 09:39:09 | 000,334,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI62DF.txt [2010/04/23 09:39:09 | 000,011,182 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI62DF.txt [2010/04/08 22:44:55 | 000,010,562 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2848.txt [2010/04/08 22:44:54 | 000,424,098 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistMSI2845.txt [2010/04/08 22:44:54 | 000,011,390 | ---- | C] () -- C:\Users\Deb\AppData\Local\dd_vcredistUI2845.txt [2009/06/01 22:19:36 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009/05/28 13:27:18 | 000,000,013 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys [2009/04/23 06:14:31 | 000,128,113 | ---- | C] () -- C:\Windows\SysWow64\csellang.ini [2009/04/23 06:14:31 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\csellang.dll [2009/04/23 06:14:31 | 000,007,671 | ---- | C] () -- C:\Windows\SysWow64\cseltbl.ini [2008/09/15 19:14:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008/09/15 19:11:10 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll [2008/08/18 13:37:34 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008/08/18 13:23:51 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2008/08/18 13:23:51 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2008/08/18 13:23:51 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2008/08/18 13:23:51 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2008/08/18 13:23:51 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008/01/20 21:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2010/02/17 18:32:53 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Ambient Design [2010/10/16 22:02:19 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\BitTorrent [2010/05/24 15:40:39 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Bytemobile [2009/06/01 19:39:41 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2010/10/19 12:34:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\DNA [2010/07/31 15:18:55 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\GetRightToGo [2010/09/21 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\gtk-2.0 [2009/11/26 19:17:43 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\ijjigame [2010/10/18 23:16:52 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\LimeWire [2010/03/25 21:39:17 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Opera [2010/03/10 11:29:40 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\PhotoFiltre [2010/10/17 23:25:06 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Raptr [2010/05/24 15:39:03 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Sierra Wireless [2009/12/02 10:12:05 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\SiteRanker [2010/08/22 13:27:15 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Toshiba [2010/09/22 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\Deb\AppData\Roaming\Vivox [2010/10/19 12:33:12 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/10/19 12:38:00 | 000,000,278 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report >
  8. 64bit. Windows Vista home premium Intel® Pentium® Dual CPU T3400 @2.16GHz Mobile intel® 4 series express chipset family
  9. I got another 'security failure' message... won't let me change or fix anything.
  10. I keep getting an 'error loading driver, NSTATUS code 0xc000036B
  11. Thank you so much for your help. The problem I am having is that this virus is preventing me from opening any program! I can not download OTl.. It is starting to send me to this blue screen telling me the computer must restart to protect it from further damage. how can I get around this so that I can load these programs?
  12. Thank you. I am not able to download programs or open anything. I'm afraid it's to late.
  13. I am effected with security tool.. scanned with malwarebytes, but did not work. it is now taking over. will not let me open any program and has sent me to this blue screen telling me it had to shut down in order to protect the computer.. how can i stop this? it is taking over. all help appreciated
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.