  #1  
January 27th, 2010, 08:21 PM
monka56
Member
 
Join Date: Sep 2007
O/S: Windows Vista
Location: Wichita, Kansas
Posts: 44
monka56 - moved by schrauber

I am having the same problem. Have Vista OS, and use Verizon USB mobile internet. This problem was present early when I used a wireless DSL connect too. Can or should I follow the same directions?
  #2  
January 27th, 2010, 08:26 PM
monka56
My computer will also "load" the page, say it's done, but the screen will have the header bars but the page itself is blank, or the page will load up and within 10 seconds go blank as described before. Is this connected to the slow loading too?
  #3  
January 27th, 2010, 09:51 PM
schrauber
CTH Subscriber
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 42
Posts: 5,017
Hello, monka56
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.




  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
  5. Push the Quick Scan button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  #4  
January 28th, 2010, 01:06 AM
monka56
Like I posted, slow at buffering videos, drops the page or rather page will go blank after loading, etc. It had "crashed" last summer. Took it to the Geek Squad. No virus found and was reloaded. Other than my backed-up photos can't be read, I think everything seems the same.
  #5  
January 28th, 2010, 09:23 PM
schrauber
Hi,

Please follow the above instructions.
  #6  
January 29th, 2010, 09:10 PM
monka56
Have done the restore point and cleanmgr thing. No difference in how computer runs. What else can I do?
  #7  
January 30th, 2010, 01:17 PM
schrauber
Please read my above instructions carefully; you should get 2 logfiles. Please post back with the content of those logfiles.
  #8  
January 30th, 2010, 07:02 PM
monka56
Can't post; reply allows 20,000 characters and the first log is 47,800 long.
  #9  
January 30th, 2010, 07:04 PM
monka56
The text log is 23600 long, so can't post that one either.
  #10  
January 30th, 2010, 07:30 PM
schrauber
You can use several posts, if needed.
  #11  
January 30th, 2010, 08:16 PM
monka56
OTL logfile created on: 1/27/2010 6:17:47 PM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Users\Donna\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 37.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 25.81 Gb Free Space | 17.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 32.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DONNA-PC
Current User Name: Donna
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/27 18:13:49 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
PRC - [2010/01/19 20:47:01 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/12/10 22:51:41 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/12/08 16:25:28 | 00,093,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/11/09 23:22:00 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/11/09 19:50:34 | 02,676,072 | ---- | M] (Smith Micro, Inc.) -- C:\Program Files\V CAST Media Manager\MEMonitor.exe
PRC - [2009/10/24 22:26:22 | 01,020,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/10/24 22:26:22 | 00,689,416 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2009/10/24 22:26:21 | 00,497,008 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
PRC - [2009/10/24 22:26:21 | 00,345,352 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2009/10/24 22:26:20 | 00,715,368 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/09/21 17:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 17:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/10 08:58:25 | 00,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009/07/09 13:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/23 02:04:12 | 03,716,376 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
PRC - [2009/04/11 00:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 00:27:58 | 01,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2009/04/11 00:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/04 00:57:50 | 00,292,440 | ---- | M] () -- C:\Program Files\SiteAdvisor\4295\SAService.exe
PRC - [2009/02/20 16:22:34 | 04,363,504 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/09/22 17:44:28 | 00,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/09/22 17:42:24 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008/09/22 17:41:50 | 00,564,496 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/02/13 16:13:44 | 00,126,976 | ---- | M] (Capital Intellect Inc) -- C:\Program Files\Common Files\Winferno\WSS\WSS.exe
PRC - [2008/01/19 01:38:40 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 01:33:42 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 01:33:40 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/06/11 21:27:24 | 00,291,760 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddmon.exe
PRC - [2007/05/25 11:41:54 | 00,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxddserv.exe
PRC - [2007/05/25 11:41:38 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxddcoms.exe
PRC - [2007/04/30 10:19:54 | 00,020,480 | ---- | M] () -- C:\Program Files\Lexmark 2500 Series\lxddamon.exe
PRC - [2006/11/28 22:05:38 | 00,523,952 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2006/11/22 19:45:28 | 00,425,648 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2006/11/22 19:08:12 | 00,409,264 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2006/11/20 14:15:14 | 00,446,128 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2006/11/10 16:22:26 | 00,417,792 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2006/11/09 12:57:52 | 03,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/06 19:14:44 | 00,034,352 | ---- | M] () -- C:\Program Files\Toshiba\Utilities\KeNotify.exe
PRC - [2006/11/06 11:05:32 | 00,106,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2006/11/06 11:02:18 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2006/11/02 03:46:00 | 00,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2006/11/01 00:40:16 | 00,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/10/27 15:50:52 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/10/27 15:11:02 | 00,192,512 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2006/09/12 10:03:20 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 18:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/07/20 14:54:28 | 00,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2006/05/25 20:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/01/27 18:13:49 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
MOD - [2009/12/08 15:12:24 | 00,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/04/11 00:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/09/22 17:44:18 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/17 16:37:52 | 00,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/12/08 16:25:28 | 00,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/11/09 23:22:00 | 00,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/10/24 22:26:22 | 00,689,416 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2009/10/24 22:26:21 | 00,497,008 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2009/10/24 22:26:21 | 00,345,352 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2009/10/24 22:26:20 | 00,715,368 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2009/09/24 19:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/21 17:36:02 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/08 21:21:44 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2009/07/09 13:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/04/07 01:43:17 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9b75488a8f5c0) Google Update Service (gupdate1c9b75488a8f5c0)
SRV - [2009/04/07 01:42:56 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/04 00:57:50 | 00,292,440 | ---- | M] () [Auto | Running] -- C:\Program Files\SiteAdvisor\4295\SAService.exe -- (SiteAdvisor Service)
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/09/22 17:44:28 | 00,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/09/22 17:42:24 | 00,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/02/13 16:13:44 | 00,126,976 | ---- | M] (Capital Intellect Inc) [Auto | Running] -- C:\Program Files\Common Files\Winferno\WSS\WSS.exe -- (Winferno Subscription Service)
SRV - [2008/01/19 01:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 01:36:50 | 00,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 01:36:16 | 00,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/25 11:41:54 | 00,099,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe -- (lxddCATSCustConnectService)
SRV - [2007/05/25 11:41:38 | 00,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxddcoms.exe -- (lxdd_device)
SRV - [2006/11/22 19:45:28 | 00,425,648 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/02 06:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/01 00:40:16 | 00,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/09/12 10:03:20 | 00,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 18:39:48 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/07/20 14:54:28 | 00,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2006/05/25 20:30:16 | 00,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/...ch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-msgr"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}:2.2.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={BB0B8D5A-9DA8-9290-4A54-5A5DF898B8A9}&q="
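An added example, not part of the thread and not OTL's own code: a small Python parser for the PRC/MOD/SRV line layout visible in the log above, which pulls out each field and lists the entries a reviewer may want to look at first. The two review hints (blank company field, file under a Temp directory) are assumptions chosen for illustration, not the helper's or OTL's criteria, and a hint is not a verdict.

```python
import re

# Lines copied from the OTL.txt posted above, plus one section header
# that the parser must skip.
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========
PRC - [2010/01/27 18:13:49 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
PRC - [2009/03/04 00:57:50 | 00,292,440 | ---- | M] () -- C:\Program Files\SiteAdvisor\4295\SAService.exe
PRC - [2007/05/25 11:41:38 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxddcoms.exe
MOD - [2008/09/22 17:44:18 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll
SRV - [2009/12/17 16:37:52 | 00,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/12/08 16:25:28 | 00,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
"""

# Layout as it appears in the log:
#   KIND - [timestamp | size | attrs | M] (company) [start | state] -- path -- (service) ...
# The "[start | state]" and "-- (service)" parts only appear on SRV lines.
ENTRY_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV) - "
    r"\[(?P<stamp>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| [MC]\] "
    r"\((?P<company>.*?)\)"
    r"(?: \[(?P<start>\w+) \| (?P<state>\w+)\])?"
    r" -- (?P<path>.+?)"
    r"(?: -- \((?P<service>[^)]*)\).*)?$"
)


def parse_line(line):
    """Return a dict of fields for one PRC/MOD/SRV line, or None for anything else."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    entry = m.groupdict()
    entry["size"] = int(entry["size"].replace(",", ""))  # "00,548,864" -> 548864
    entry["company"] = entry["company"].strip()          # "( )" and "()" both become ""
    return entry


def parse_log(text):
    """Parse every recognisable entry in a pasted log, skipping headers and blanks."""
    entries = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is not None:
            entries.append(entry)
    return entries


def review_hints(entry):
    """Illustrative review hints (assumptions of this example, not verdicts)."""
    hints = []
    if not entry["company"]:
        hints.append("company field is blank")
    if "\\temp\\" in entry["path"].lower():
        hints.append("file sits under a Temp directory")
    return hints


def triage(text):
    """Return (entry, hints) pairs for entries that carry at least one hint."""
    flagged = []
    for entry in parse_log(text):
        hints = review_hints(entry)
        if hints:
            flagged.append((entry, hints))
    return flagged


if __name__ == "__main__":
    for entry, hints in triage(SAMPLE_LOG):
        print(f'{entry["kind"]}  {entry["path"]}')
        for hint in hints:
            print(f"      - {hint}")
```

On the sample, the hints pick out the two Lexmark/SiteAdvisor binaries with an empty company field and the Logitech module loaded from `C:\Windows\Temp`; all three are products listed elsewhere in the same log, which is why a hint only marks where to look.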
  #12  
January 30th, 2010, 08:19 PM
monka56
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/01/27 11:01:09 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/19 20:47:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/27 17:59:41 | 00,000,000 | ---D | M]

[2009/02/28 03:14:00 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Mozilla\Extensions
[2010/01/27 18:06:50 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\9qgvkg5s.default\extensions
[2009/03/01 03:13:06 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\9qgvkg5s.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/26 17:09:51 | 00,000,000 | ---D | M] (My Tattoons (Fast Browser Search)) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\9qgvkg5s.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/01/25 15:00:43 | 00,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\9qgvkg5s.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/26 17:09:57 | 00,005,407 | ---- | M] () -- C:\Users\Donna\AppData\Roaming\Mozilla\Firefox\Profiles\9qgvkg5s.default\searchplugins\fast-browser-search.xml
[2010/01/22 20:44:56 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 15:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [lxddamon] C:\Program Files\Lexmark 2500 Series\lxddamon.exe ()
O4 - HKLM..\Run: [lxddmon.exe] C:\Program Files\Lexmark 2500 Series\lxddmon.exe ()
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\V CAST Media Monitor.lnk = C:\Program Files\V CAST Media Manager\MEMonitor.exe (Smith Micro, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Donna\Pictures\GoogleDesktopPhotosPluginWallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Donna\Pictures\GoogleDesktopPhotosPluginWallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 02:39:48 | 00,000,074 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9ec2910f-0536-11df-b3a7-0016d48b42c5}\Shell - "" = AutoRun
O33 - MountPoints2\{9ec2910f-0536-11df-b3a7-0016d48b42c5}\Shell\AutoRun\command - "" = E:\VZAccess_Manager.exe -- File not found
O33 - MountPoints2\{9ec29134-0536-11df-b3a7-0016d48b42c5}\Shell - "" = AutoRun
O33 - MountPoints2\{9ec29134-0536-11df-b3a7-0016d48b42c5}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe -- [2009/05/25 23:25:52 | 02,320,432 | R--- | M] (Macrovision Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/02/26 22:55:04 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!
  #13  
January 30th, 2010, 08:20 PM
monka56
========== Files/Folders - Created Within 14 Days ==========

[2010/01/27 17:58:55 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/01/22 20:46:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/22 13:05:19 | 00,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/19 14:48:41 | 00,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\Verizon Wireless
[2010/01/19 14:39:52 | 00,000,000 | ---D | C] -- C:\ProgramData\Verizon Wireless
[2010/01/19 14:39:51 | 00,000,000 | ---D | C] -- C:\Program Files\Verizon Wireless
[2010/01/19 14:29:16 | 00,000,000 | ---D | C] -- C:\Program Files\Novatel Wireless
[2010/01/19 14:28:32 | 00,000,000 | ---D | C] -- C:\Users\Donna\AppData\Roaming\InstallShield
[2009/03/01 03:38:28 | 01,232,896 | ---- | C] ( ) -- C:\Windows\System32\lxddserv.dll
[2009/03/01 03:38:28 | 00,999,424 | ---- | C] ( ) -- C:\Windows\System32\lxddusb1.dll
[2009/03/01 03:38:28 | 00,700,416 | ---- | C] ( ) -- C:\Windows\System32\lxddhbn3.dll
[2009/03/01 03:38:28 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxddpmui.dll
[2009/03/01 03:38:28 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxddlmpm.dll
[2009/03/01 03:38:28 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxddinpa.dll
[2009/03/01 03:38:28 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxddiesc.dll
[2009/03/01 03:38:28 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXDDhcp.dll
[2009/03/01 03:38:28 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxddprox.dll
[2009/03/01 03:38:28 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxddpplc.dll
[2009/03/01 03:38:27 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxddcomc.dll
[2009/03/01 03:38:27 | 00,425,984 | ---- | C] ( ) -- C:\Windows\System32\lxddcomm.dll

========== Files - Modified Within 14 Days ==========

[2010/01/27 18:27:28 | 02,621,440 | -HS- | M] () -- C:\Users\Donna\NTUSER.DAT
[2010/01/27 18:07:01 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/27 17:59:41 | 00,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/27 17:57:33 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/01/27 17:56:51 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/27 08:07:23 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/27 08:07:23 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/27 08:05:53 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/27 07:59:50 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/27 07:59:50 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/27 07:59:50 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/25 17:06:34 | 00,051,062 | ---- | M] () -- C:\Users\Donna\Documents\misc documents.pdf
[2010/01/25 13:58:20 | 00,000,434 | ---- | M] () -- C:\Windows\tasks\RegPowerClean.job
[2010/01/25 13:58:05 | 00,000,400 | ---- | M] () -- C:\Windows\tasks\WSSHelper.job
[2010/01/22 05:20:17 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/22 05:19:19 | 26,739,91680 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/22 05:17:32 | 00,524,288 | -HS- | M] () -- C:\Users\Donna\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/22 05:17:32 | 00,065,536 | -HS- | M] () -- C:\Users\Donna\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/22 05:17:30 | 02,402,255 | -H-- | M] () -- C:\Users\Donna\AppData\Local\IconCache.db
[2010/01/19 14:40:03 | 00,001,164 | ---- | M] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk

========== Files Created - No Company Name ==========

[2010/01/27 17:59:41 | 00,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/25 17:06:34 | 00,051,062 | ---- | C] () -- C:\Users\Donna\Documents\misc documents.pdf
[2010/01/19 14:40:03 | 00,001,164 | ---- | C] () -- C:\Users\Public\Desktop\VZAccess Manager.lnk
[2009/08/05 20:53:30 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/03/13 11:38:41 | 00,000,336 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\wklnhst.dat
[2009/03/11 16:32:41 | 00,000,159 | ---- | C] () -- C:\ProgramData\lxdd
[2009/03/01 03:39:02 | 00,000,044 | ---- | C] () -- C:\Windows\System32\lxddrwrd.ini
[2009/03/01 03:38:28 | 00,286,720 | ---- | C] () -- C:\Windows\System32\LXDDinst.dll
[2009/03/01 03:38:28 | 00,208,896 | ---- | C] () -- C:\Windows\System32\lxddgrd.dll
[2009/03/01 03:02:50 | 00,068,960 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/02/27 22:50:49 | 00,000,680 | ---- | C] () -- C:\Users\Donna\AppData\Local\d3d9caps.dat
[2009/02/26 21:04:01 | 00,070,656 | ---- | C] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/22 17:43:54 | 00,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2007/03/28 16:16:44 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxddcoin.dll
[2007/01/23 21:40:04 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxddcaps.dll
[2007/01/09 19:13:08 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxdddrs.dll
[2006/11/30 19:36:51 | 00,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2006/11/30 19:07:04 | 00,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000002.regtrans-ms
[2006/11/30 19:07:04 | 00,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000001.regtrans-ms
[2006/11/30 19:07:04 | 00,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ef9-80d7-11db-a907-0016d42ca96e}.TM.blf
[2006/11/30 19:07:03 | 00,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000002.regtrans-ms
[2006/11/30 19:07:03 | 00,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TMContainer00000000000000000001.regtrans-ms
[2006/11/30 19:07:03 | 00,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2006/11/30 19:07:03 | 00,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{5dd96ee9-80d7-11db-a907-0016d42ca96e}.TM.blf
[2006/11/30 19:07:03 | 00,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2006/11/30 19:07:03 | 00,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2006/11/30 18:52:32 | 00,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2006/11/30 18:52:32 | 00,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2006/11/30 18:52:32 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2006/11/30 18:52:32 | 00,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2006/11/30 18:52:32 | 00,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2006/11/30 18:52:32 | 00,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2006/11/30 18:26:12 | 00,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2006/11/30 18:26:12 | 00,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2006/11/30 18:26:12 | 00,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2006/11/30 18:26:12 | 00,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/11/24 09:48:44 | 00,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006/11/06 13:02:10 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 11:03:16 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/06 11:00:56 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 06:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 01:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 19:37:00 | 00,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/10/06 19:08:04 | 00,069,632 | ---- | C] () -- C:\Windows\System32\lxddcnv4.dll
[2006/08/10 17:00:52 | 00,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2006/05/18 04:47:12 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxddvs.dll
[2006/03/09 12:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 16:55:42 | 00,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/22 23:30:20 | 00,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2010/01/22 13:05:19 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/02/28 04:04:42 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\GARMIN
[2009/04/27 03:37:13 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\GoodSync
[2009/06/15 21:27:32 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\InterVideo
[2009/03/01 03:50:31 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Lexmark Productivity Studio
[2009/03/25 21:57:05 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\licenses
[2009/03/25 21:57:02 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\PCMM2009
[2009/11/22 14:25:01 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Smith Micro
[2009/03/13 11:38:42 | 00,000,000 | ---D | M] -- C:\Users\Donna\AppData\Roaming\Template
[2010/01/25 13:58:20 | 00,000,434 | ---- | M] () -- C:\Windows\Tasks\RegPowerClean.job
[2010/01/22 05:17:51 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/01/25 13:58:05 | 00,000,400 | ---- | M] () -- C:\Windows\Tasks\WSSHelper.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 01:42:26 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 01:42:26 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 01:42:26 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 01:42:26 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 03:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 03:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 00:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 00:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 00:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 01:41:32 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 01:41:32 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 03:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 01:42:52 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 01:42:52 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 03:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 03:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: KR10N.SYS >
[2005/09/27 17:57:38 | 00,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\drivers\KR10N.sys
[2005/09/27 17:57:38 | 00,207,104 | ---- | M] (TOSHIBA CORPORATION) MD5=A1963360E74931222A67356C8AD48378 -- C:\Windows\System32\DriverStore\FileRepository\kr10n.inf_f8c77270\KR10N.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 03:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 00:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 00:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 01:35:38 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 03:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 03:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 01:42:10 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 01:42:10 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 01:36:20 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 03:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 00:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 00:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >
< End of report >
  #14  
Old January 30th, 2010, 08:22 PM
monka56 monka56 is offline
OTL Extras logfile created on: 1/27/2010 6:17:47 PM - Run 1
OTL by OldTimer - Version 3.1.27.0 Folder = C:\Users\Donna\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 37.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 25.81 Gb Free Space | 17.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 32.27 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DONNA-PC
Current User Name: Donna
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{227C7931-6F3F-48D9-A301-966CA2EB249B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{253EF455-CDDC-4397-AD8F-32664EC85331}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{288D9099-94F7-4BDE-BB3D-98720850B37C}" = lport=445 | protocol=6 | dir=in | app=system |
"{40C87D04-BB2E-46DB-A6C7-01BE42ED904C}" = lport=137 | protocol=17 | dir=in | app=system |
"{579E012B-5392-4380-B38D-3461E62FE044}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F9A343D-F676-4AB9-A2E5-CCDCBFF94745}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{706C7D2A-A749-40C7-9A9B-84FE80D4349A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{72FB9A8E-2BF2-4B67-921C-283C20E5E645}" = rport=445 | protocol=6 | dir=out | app=system |
"{86EE31FA-674A-4028-BAA3-91324BDB9261}" = rport=139 | protocol=6 | dir=out | app=system |
"{87D31518-586C-4612-9F42-64F19465032B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EEC1717-FF7B-425A-86CA-0F24CA71BC56}" = rport=138 | protocol=17 | dir=out | app=system |
"{8F2BE2C8-259B-4547-990A-B6B39E52069D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9BC052EA-AEB7-4453-9975-2EC29264C179}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A21CD2F0-0C08-4A8F-870B-678D605E7DDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AB44FC08-2733-4CF9-BBED-3E690A7D4BB2}" = rport=137 | protocol=17 | dir=out | app=system |
"{AB659C95-8F29-4BFF-A15D-28E28C9453E7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B1BA5D28-6FAC-4133-8DEB-697E1C441AF4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4569E83-03C4-41D6-9592-84E2C1679723}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BB7E2151-7461-4620-9BAD-FA09083CEF4C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CC890D83-31F8-4E1D-B8DA-C09BEE2F7326}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DFF74E87-ED19-4F42-AE5C-0B9B7706701E}" = lport=139 | protocol=6 | dir=in | app=system |
"{E784C80D-B3DE-42FA-9F49-F9105053EF9E}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050977D3-6A41-49BC-A608-2541FDF959B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{065CD993-7916-4834-A550-B3E2164E7CF9}" = protocol=17 | dir=in | app=c:\windows\system32\lxddcoms.exe |
"{105EEBDB-EBB5-43EB-A2F7-882AE49B25B6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{2B40B933-7B8C-44C1-AC69-B7BF34EB64D0}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2D244469-8C81-4408-9C7F-CCD10CC4EA1C}" = protocol=6 | dir=in | app=c:\program files\lexmark 2500 series\lxddamon.exe |
"{30D920C6-21A1-4ECB-B293-821193334962}" = protocol=6 | dir=in | app=c:\windows\system32\lxddcoms.exe |
"{3402E4FF-9A83-406B-918C-9F4DFA520643}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{368D9566-8B1C-4F30-AC4C-599708818712}" = protocol=6 | dir=in | app=c:\program files\lexmark 2500 series\lxddmon.exe |
"{3E8FE0EB-5276-4E68-A128-106FF232CAD9}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{509439EF-1760-43DF-ABD0-E1681F8071B8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{65A96596-E8AA-46FA-942C-37D302B18726}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{83319A0E-A525-4716-AAC9-7BEA785C04A7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{857733AA-B286-4A8D-89AE-FCEFBD98D4E1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{864E3FB0-0C8E-4621-A79B-856D5112B726}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{896A73A0-CE3F-40B9-8133-F9952359AE03}" = protocol=17 | dir=in | app=c:\program files\lexmark 2500 series\lxddamon.exe |
"{AF881341-8F49-4F63-8732-354BF2507103}" = protocol=17 | dir=in | app=c:\program files\lexmark 2500 series\app4r.exe |
"{B284C2FC-49DB-41FC-B0C6-003612E56CFC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B4503B1F-0014-454C-A194-264088530E4C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BC4B88FC-2BA9-4248-8BBE-B91E146D5F90}" = protocol=17 | dir=in | app=c:\program files\lexmark 2500 series\lxddmon.exe |
"{C0E0A7E4-4303-49FA-A8F6-36A1BC0AB852}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C2372A2B-013B-4D57-9A95-BD50AEDC3E57}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxddpswx.exe |
"{CB1B9CD1-B611-464A-B3B2-3FF0DF00A866}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxddpswx.exe |
"{CBF2FFEE-2C3C-4782-AE6A-9718932077DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D7845016-DB0C-4CBD-96F0-14733C9EB173}" = protocol=6 | dir=in | app=c:\program files\lexmark 2500 series\app4r.exe |
"{DA2CCF12-F6D0-40A1-9D62-E5A4391660D1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxddtime.exe |
"{EB807D0A-A43F-4988-BCF9-2727F7724F71}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxddtime.exe |
"TCP Query User{47553CE3-53EB-47CB-8645-528D22FA72D3}C:\program files\lexmark 2500 series\lxddamon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2500 series\lxddamon.exe |
"TCP Query User{6AF139C7-B204-4300-879D-0AE637EE8E86}C:\windows\temp\occ.exe" = protocol=6 | dir=in | app=c:\windows\temp\occ.exe |
"TCP Query User{7BA1322B-969E-4692-BFF4-418D82F57754}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D462E55B-E0D3-4A2D-B4F3-FC959751EB05}C:\program files\lexmark 2500 series\app4r.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 2500 series\app4r.exe |
"TCP Query User{D6044A04-27EA-465A-B45B-C89F68B3F865}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{2DD7FBEE-01AC-444E-8BA2-776706CBAAFA}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{36F3C924-6C62-43FC-A6C5-9F2B8BBE0292}C:\program files\lexmark 2500 series\app4r.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2500 series\app4r.exe |
"UDP Query User{6A1DC3AF-B95C-4A3B-A6AB-4F7AE70BF387}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7D7FC493-5A97-4670-A909-D862F0FD44CF}C:\windows\temp\occ.exe" = protocol=17 | dir=in | app=c:\windows\temp\occ.exe |
"UDP Query User{B6BDB741-6901-4AE6-9B92-76A58EE0A7FB}C:\program files\lexmark 2500 series\lxddamon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 2500 series\lxddamon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========
  #15  
Old January 30th, 2010, 08:28 PM
monka56 monka56 is offline
========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 18
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70BA588C-DA92-4DA9-8F8F-E7124B26F8F5}" = Logitech QuickCam for Enterprise
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7641FD7D-E94E-424E-A95C-0593C84DC0C0}" = VZAccess Manager
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B2ADCB5-3F3D-478A-90A9-A8C04EF82BF6}" = Mobile Broadband Generic Drivers
"{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93762E6-8EA6-4E7F-9557-64E51AA3AB84}" = CASIO USB Driver V1.0.8003.1229
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B57A7B53-0662-4AC0-9352-2AE2D8212A9F}" = Garmin Communicator Plugin
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E7269FD6-34EA-4617-8752-6739AA384080}" = V CAST Media Manager
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"BlackBerry_{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Lexmark 2500 Series" = Lexmark 2500 Series
"lvdrivers_11.72" = Logitech QuickCam for Enterprise Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Broadband Generic Drivers" = Mobile Broadband Generic Drivers
"Money2007b" = Microsoft Money Essentials
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"RegPowerClean_is1" = Winferno Registry Power Cleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"Move Media Player" = Move Media Player
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/23/2009 12:11:10 AM | Computer Name = Donna-PC | Source = Windows Backup | ID = 4103
Description =

Error - 11/23/2009 12:20:49 AM | Computer Name = Donna-PC | Source = Windows Backup | ID = 4103
Description =

Error - 11/25/2009 12:37:06 AM | Computer Name = Donna-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 9.0.0.2136, time
stamp 0x499f2c7f, faulting module ntdll.dll, version 6.0.6002.18005, time stamp
0x49e03821, exception code 0xc0000005, fault offset 0x00066739, process id 0x1138,
application start time 0x01ca6841fbf28396.

Error - 11/25/2009 2:07:00 AM | Computer Name = Donna-PC | Source = EventSystem | ID = 4622
Description =

Error - 11/25/2009 4:18:49 AM | Computer Name = Donna-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 9.0.0.2136, time
stamp 0x499f2c7f, faulting module ntdll.dll, version 6.0.6002.18005, time stamp
0x49e03821, exception code 0xc0000005, fault offset 0x00049e05, process id 0xb7ac,
application start time 0x01ca6da7dc4a8e00.

Error - 11/25/2009 12:57:47 PM | Computer Name = Donna-PC | Source = Application Error | ID = 1000
Description = Faulting application RegPowerClean.exe, version 2008.1.0.7, time stamp
0x47d823c1, faulting module CapiCom.dll, version 2.1.0.1, time stamp 0x4182a95c,
exception code 0xc0000005, fault offset 0x0000966c, process id 0xe48, application
start time 0x01ca6dc2147a959d.

Error - 11/25/2009 1:28:56 PM | Computer Name = Donna-PC | Source = Application Error | ID = 1000
Description = Faulting application RegPowerClean.exe, version 2008.1.0.7, time stamp
0x47d823c1, faulting module MSVBVM60.DLL, version 6.0.98.2, time stamp 0x4791a724,
exception code 0xc0000005, fault offset 0x000c9a01, process id 0xe48, application
start time 0x01ca6dc2147a959d.

Error - 11/29/2009 11:04:27 PM | Computer Name = Donna-PC | Source = Windows Backup | ID = 4103
Description =

Error - 12/2/2009 1:14:42 AM | Computer Name = Donna-PC | Source = Application Error | ID = 1000
Description = Faulting application YahooMessenger.exe, version 9.0.0.2136, time
stamp 0x499f2c7f, faulting module ntdll.dll, version 6.0.6002.18005, time stamp
0x49e03821, exception code 0xc0000005, fault offset 0x00066739, process id 0x151c,
application start time 0x01ca6dc229df8b2d.

Error - 12/6/2009 11:02:39 PM | Computer Name = Donna-PC | Source = Windows Backup | ID = 4103
Description =

[ Media Center Events ]
Error - 8/25/2009 11:35:52 PM | Computer Name = Donna-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/11/2009 10:24:38 PM | Computer Name = Donna-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 9/6/2009 1:33:30 AM | Computer Name = Donna-PC | Source = DCOM | ID = 10005
Description =

Error - 9/6/2009 1:33:37 AM | Computer Name = Donna-PC | Source = DCOM | ID = 10005
Description =

Error - 9/6/2009 1:33:39 AM | Computer Name = Donna-PC | Source = DCOM | ID = 10005
Description =

Error - 9/6/2009 1:33:41 AM | Computer Name = Donna-PC | Source = DCOM | ID = 10005
Description =

Error - 9/6/2009 1:33:50 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 9/6/2009 1:33:50 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/6/2009 1:33:51 AM | Computer Name = Donna-PC | Source = DCOM | ID = 10005
Description =

Error - 9/6/2009 1:37:34 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/6/2009 7:55:37 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/6/2009 7:55:45 PM | Computer Name = Donna-PC | Source = DCOM | ID = 10010
Description =


< End of report >
All times are GMT +1.