Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

OS Frequently Crashes, Not Recognizing Driver Updates

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 16th, 2010, 12:14 pm

Hello, we're having all sorts of problems with Vista constantly crashing then recovering itself on this laptop. Initially, we received an error message concerning the MS 6to4 Adapter, so I disabled it. Now, the error message states that the Video Driver is crashing & recovering, and indeed it has while we're online. I've gone through, checked & updated all the drivers, but at least some aren't being recognized, such as ActiveX. This machine is really acting as if it has a virus; however, I've run both Malwarebytes' and Kaspersky's scans, in addition to my own AntiVir, and it comes up clean in all of them.

HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:48 AM, on 3/16/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Dell 968 AIO Printer\dldomon.exe
C:\Program Files\Dell 968 AIO Printer\memcard.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/index.php?lh=ad ... f9020becd&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [PINGER] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [dldomon.exe] "C:\Program Files\Dell 968 AIO Printer\dldomon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell 968 AIO Printer\memcard.exe"
O4 - HKLM\..\Run: [Dell 968 AIO Printer Fax Server] "C:\Program Files\Dell 968 AIO Printer\fm3032.exe" /s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: dldoCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldoserv.exe
O23 - Service: dldo_device - - C:\Windows\system32\dldocoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pantech Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7457 bytes
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am
Advertisement
Register to Remove

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby MWR 3 day Mod » March 19th, 2010, 11:22 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 24th, 2010, 4:55 am

Hi briolette,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your computer problems.

The logs can take some time to research, so please be patient with me.

Please note the following:
  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Uninstall List
  • Open HijackThis.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please copy and paste the contents of this log in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 24th, 2010, 3:09 pm

Hi, deltalima...here's the Uninstall List that you requested:

Adobe Flash Player 10 ActiveX
Atheros Driver Installation Program
Avira AntiVir Personal - Free Antivirus
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
Dell 968 AIO Printer
Desktop Dialer
Download Updater (AOL LLC)
DVD MovieFactory for TOSHIBA
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HouseCall 6.6
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 18
LG USB Modem Drivers
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
PANTECH PC Card Software
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Sprint Mobile Broadband (Pantech)
Sprint music manager
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Texas Instruments PCIxx21/x515/xx12 drivers.
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB977724)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Viewpoint Media Player
Windows Live ID Sign-in Assistant
WinDVD for TOSHIBA
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 24th, 2010, 3:59 pm

Hi briolette,

Your description of the problems with the computer does not necessarily indicate a virus. We will give the system a thorough examination to see if there is any form of malware present.

Please Note:
The programs I ask you to run need to be run in Administrator Mode by... Right clicking the program file & selecting: Run as Administrator.
Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe & select Run as Administrator
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Right click the .exe file & select Run as Administrator. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 24th, 2010, 6:54 pm

Hello, again deltalima. I have successfully run the OTL scan, but GMER will not run, even in Safe Mode. I've attempted to run it a half a dozen times, and an error message interrupts stating that there is an unknown problem running the program. In the meantime, both OTL scans are to follow:

OTL Extras logfile created on: 3/24/2010 5:53:43 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\howfrank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 417.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104.37 Gb Total Space | 66.30 Gb Free Space | 63.52% Space Free | Partition Type: NTFS
Drive D: | 702.31 Mb Total Space | 636.55 Mb Free Space | 90.64% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOWFRANK-PC
Current User Name: howfrank
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34BD2B73-A788-43B1-A191-9670522AB46C}" = lport=6331 | protocol=6 | dir=in | name=windows live onecare |
"{FDC3C33F-BD1A-4424-921D-EDB869FA007F}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A1AE64C-5E23-4E7C-8DB8-4F5344E0140A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{22B83F35-D263-4778-AAD3-10742CFAD27B}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{265D2595-B232-4FCC-A04A-FE5E4CC10851}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{29ADD3C9-7A22-42F5-A39C-D5D1AFD21E51}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldofax.exe |
"{2A483765-7B5D-485E-B0D8-72845DFA6C1E}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{372D6C85-2424-4AB4-93F6-EB153F87E299}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{39B9423E-553C-41CF-85F7-FFC6227C614D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldopswx.exe |
"{3F367AB5-114A-4C4F-A67F-6F21CEB12889}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldopswx.exe |
"{41901B2B-271A-4FB4-99C7-12B08E6488E3}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{42F52DE7-F4B4-4A66-AB5E-FDBEC0862AB7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6702D863-CEF3-4865-A61E-023A2D83F42B}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldofax.exe |
"{672E86D8-1B51-4F69-AAF3-D70A61971AA2}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{676FDDDA-C769-4DCA-B87C-CBC4257C037B}" = protocol=6 | dir=in | app=c:\users\howfrank\appdata\local\temp\dldo\wireless\english\dldowpss.exe |
"{70753E82-AD3F-49E3-B1C0-4221D2BBA77A}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{70BE1A3A-240A-4BC0-88A4-D445DAAAC982}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldotime.exe |
"{7B12CD9C-7FCB-4C7D-BDFD-024A86816975}" = protocol=17 | dir=in | app=c:\users\howfrank\appdata\local\temp\dldo\wireless\english\dldowpss.exe |
"{8FD63693-11A3-48B0-8A88-681EA5E512A3}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{971BB723-1237-4655-BB6E-5B4A436ABB57}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{B01DD7EE-2C9D-4D8D-9E44-57360C7F24E1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C071C503-85A9-42F0-89E4-54CCD6A59C42}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{C2560694-46E1-4DB1-A19F-51A7EE1662FB}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{CE443515-0C39-44D1-9DD1-DAFF7F1FC569}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{D1A68E46-6FE4-4EF4-89F6-9AD170274299}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{D6F2466C-87E5-41C1-B1C2-22AEE6F669A6}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldotime.exe |
"{EF30363C-0955-412A-AFFE-033AB6A2E33B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"TCP Query User{6C22A355-8580-4D23-8A3B-B616E16678F9}C:\program files\dell 968 aio printer\dldomon.exe" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"UDP Query User{76114866-7E8E-493E-8F36-5330F6060B23}C:\program files\dell 968 aio printer\dldomon.exe" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B9E8CAF9-B495-4E8B-89F6-588C2CEF9766}" = Sprint Mobile Broadband (Pantech)
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DB6F07FF-A436-453a-B685-F6C1F4F09D22}" = PANTECH PC Card Software
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Dell 968 AIO Printer" = Dell 968 AIO Printer
"Desktop Dialer" = Desktop Dialer
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SprintMusicManagerA" = Sprint music manager
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"ViewpointMediaPlayer" = Viewpoint Media Player

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/11/2010 6:59:32 AM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3007
Description =

Error - 3/13/2010 10:44:30 AM | Computer Name = howfrank-PC | Source = ESENT | ID = 623
Description = wuaueng.dll (1184) SUS20ClientDataStore: The version store for this
instance (0) has reached its maximum size of 8Mb. It is likely that a long-running
transaction is preventing cleanup of the version store and causing it to build
up in size. Updates will be rejected until the long-running transaction has been
completely committed or rolled back. Possible long-running transaction: SessionId:
0x01600320 Session-context: 0x00000000 Session-context ThreadId: 0x000017A4 Cleanup:
1

Error - 3/13/2010 10:45:03 AM | Computer Name = howfrank-PC | Source = ESENT | ID = 623
Description = wuaueng.dll (1184) SUS20ClientDataStore: The version store for this
instance (0) has reached its maximum size of 8Mb. It is likely that a long-running
transaction is preventing cleanup of the version store and causing it to build
up in size. Updates will be rejected until the long-running transaction has been
completely committed or rolled back. Possible long-running transaction: SessionId:
0x01600320 Session-context: 0x00000000 Session-context ThreadId: 0x000017A4 Cleanup:
1

Error - 3/13/2010 2:01:13 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:13:23 PM | Computer Name = howfrank-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 3/13/2010 2:57:27 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:27 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:29 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:29 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 3:08:56 PM | Computer Name = howfrank-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

[ Media Center Events ]
Error - 6/3/2008 9:06:10 PM | Computer Name = howfrank-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/9/2009 10:09:28 AM | Computer Name = howfrank-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34BD2B73-A788-43B1-A191-9670522AB46C}" = lport=6331 | protocol=6 | dir=in | name=windows live onecare |
"{FDC3C33F-BD1A-4424-921D-EDB869FA007F}" = lport=63331 | protocol=6 | dir=in | name=windows live onecare |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A1AE64C-5E23-4E7C-8DB8-4F5344E0140A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{22B83F35-D263-4778-AAD3-10742CFAD27B}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{265D2595-B232-4FCC-A04A-FE5E4CC10851}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{29ADD3C9-7A22-42F5-A39C-D5D1AFD21E51}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldofax.exe |
"{2A483765-7B5D-485E-B0D8-72845DFA6C1E}" = protocol=17 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{372D6C85-2424-4AB4-93F6-EB153F87E299}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{39B9423E-553C-41CF-85F7-FFC6227C614D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldopswx.exe |
"{3F367AB5-114A-4C4F-A67F-6F21CEB12889}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldopswx.exe |
"{41901B2B-271A-4FB4-99C7-12B08E6488E3}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{42F52DE7-F4B4-4A66-AB5E-FDBEC0862AB7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6702D863-CEF3-4865-A61E-023A2D83F42B}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldofax.exe |
"{672E86D8-1B51-4F69-AAF3-D70A61971AA2}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"{676FDDDA-C769-4DCA-B87C-CBC4257C037B}" = protocol=6 | dir=in | app=c:\users\howfrank\appdata\local\temp\dldo\wireless\english\dldowpss.exe |
"{70753E82-AD3F-49E3-B1C0-4221D2BBA77A}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"{70BE1A3A-240A-4BC0-88A4-D445DAAAC982}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldotime.exe |
"{7B12CD9C-7FCB-4C7D-BDFD-024A86816975}" = protocol=17 | dir=in | app=c:\users\howfrank\appdata\local\temp\dldo\wireless\english\dldowpss.exe |
"{8FD63693-11A3-48B0-8A88-681EA5E512A3}" = protocol=6 | dir=in | app=c:\windows\system32\dldocoms.exe |
"{971BB723-1237-4655-BB6E-5B4A436ABB57}" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{B01DD7EE-2C9D-4D8D-9E44-57360C7F24E1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C071C503-85A9-42F0-89E4-54CCD6A59C42}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{C2560694-46E1-4DB1-A19F-51A7EE1662FB}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldoaiox.exe |
"{CE443515-0C39-44D1-9DD1-DAFF7F1FC569}" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\memcard.exe |
"{D1A68E46-6FE4-4EF4-89F6-9AD170274299}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{D6F2466C-87E5-41C1-B1C2-22AEE6F669A6}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldotime.exe |
"{EF30363C-0955-412A-AFFE-033AB6A2E33B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldojswx.exe |
"TCP Query User{6C22A355-8580-4D23-8A3B-B616E16678F9}C:\program files\dell 968 aio printer\dldomon.exe" = protocol=6 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |
"UDP Query User{76114866-7E8E-493E-8F36-5330F6060B23}C:\program files\dell 968 aio printer\dldomon.exe" = protocol=17 | dir=in | app=c:\program files\dell 968 aio printer\dldomon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B9E8CAF9-B495-4E8B-89F6-588C2CEF9766}" = Sprint Mobile Broadband (Pantech)
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DB6F07FF-A436-453a-B685-F6C1F4F09D22}" = PANTECH PC Card Software
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Dell 968 AIO Printer" = Dell 968 AIO Printer
"Desktop Dialer" = Desktop Dialer
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SprintMusicManagerA" = Sprint music manager
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"ViewpointMediaPlayer" = Viewpoint Media Player

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/11/2010 6:59:32 AM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3007
Description =

Error - 3/13/2010 10:44:30 AM | Computer Name = howfrank-PC | Source = ESENT | ID = 623
Description = wuaueng.dll (1184) SUS20ClientDataStore: The version store for this
instance (0) has reached its maximum size of 8Mb. It is likely that a long-running
transaction is preventing cleanup of the version store and causing it to build
up in size. Updates will be rejected until the long-running transaction has been
completely committed or rolled back. Possible long-running transaction: SessionId:
0x01600320 Session-context: 0x00000000 Session-context ThreadId: 0x000017A4 Cleanup:
1

Error - 3/13/2010 10:45:03 AM | Computer Name = howfrank-PC | Source = ESENT | ID = 623
Description = wuaueng.dll (1184) SUS20ClientDataStore: The version store for this
instance (0) has reached its maximum size of 8Mb. It is likely that a long-running
transaction is preventing cleanup of the version store and causing it to build
up in size. Updates will be rejected until the long-running transaction has been
completely committed or rolled back. Possible long-running transaction: SessionId:
0x01600320 Session-context: 0x00000000 Session-context ThreadId: 0x000017A4 Cleanup:
1

Error - 3/13/2010 2:01:13 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:13:23 PM | Computer Name = howfrank-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 3/13/2010 2:57:27 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:27 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:29 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 2:57:29 PM | Computer Name = howfrank-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3/13/2010 3:08:56 PM | Computer Name = howfrank-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

[ Media Center Events ]
Error - 6/3/2008 9:06:10 PM | Computer Name = howfrank-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/9/2009 10:09:28 AM | Computer Name = howfrank-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:15 PM | Computer Name = howfrank-PC | Source = HTTP | ID = 15021
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/24/2010 5:27:46 PM | Computer Name = howfrank-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 24th, 2010, 6:55 pm

OTL logfile created on: 3/24/2010 5:53:43 PM - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\howfrank\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,013.00 Mb Total Physical Memory | 417.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104.37 Gb Total Space | 66.30 Gb Free Space | 63.52% Space Free | Partition Type: NTFS
Drive D: | 702.31 Mb Total Space | 636.55 Mb Free Space | 90.64% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOWFRANK-PC
Current User Name: howfrank
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\howfrank\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Dell 968 AIO Printer\dldomon.exe ()
PRC - C:\Program Files\Dell 968 AIO Printer\memcard.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dldocoms.exe ( )
PRC - C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe (Sprint Spectrum, L.L.C)
PRC - c:\Toshiba\IVP\swupdate\swupdtmr.exe ()
PRC - C:\Toshiba\IVP\ISM\pinger.exe ()
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)


========== Modules (SafeList) ==========

MOD - C:\Users\howfrank\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (dldoCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe ()
SRV - (dldo_device) -- C:\Windows\System32\dldocoms.exe ( )
SRV - (Pantech Utility Service) -- C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe (Sprint Spectrum, L.L.C)
SRV - (Swupdtmr) -- c:\Toshiba\IVP\swupdate\swupdtmr.exe ()
SRV - (pinger) -- C:\Toshiba\IVP\ISM\pinger.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (PTDCVsp) PANTECH PC Card Diagnostic Serial Port (UDP) -- C:\Windows\System32\drivers\PTDCVsp.sys (DEVGURU Co,LTD.)
DRV - (PTDCMdm) PANTECH PC Card Drivers (UDP) -- C:\Windows\System32\drivers\PTDCMdm.sys (DEVGURU Co,LTD.)
DRV - (PTDCBus) PANTECH PC Card Composite Device Driver (UDP) -- C:\Windows\System32\drivers\PTDCBus.sys (DEVGURU Co,LTD.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (KR3NPXP) -- C:\Windows\system32\drivers\kr3npxp.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/index.php?lh=ad ... f9020becd&
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell 968 AIO Printer Fax Server] C:\Program Files\Dell 968 AIO Printer\fm3032.exe ()
O4 - HKLM..\Run: [dldomon.exe] C:\Program Files\Dell 968 AIO Printer\dldomon.exe ()
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell 968 AIO Printer\memcard.exe ()
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PINGER] C:\TOSHIBA\IVP\ISM\pinger.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2070189127-2915973664-339440138-1000..\Run: [TOSCDSPD] File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 1.66.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/24 17:48:16 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\howfrank\Desktop\OTL.exe
[2010/03/14 10:57:18 | 000,059,392 | ---- | C] (Realtek Corporation) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010/03/14 10:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/03/13 21:58:39 | 000,000,000 | ---D | C] -- C:\inetpub
[2010/03/13 13:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/13 13:43:00 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/13 13:43:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/13 13:43:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/13 13:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/13 13:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/13 13:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/13 13:12:18 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/13 11:17:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/13 11:17:19 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/11 14:34:38 | 000,000,000 | ---D | C] -- C:\Users\howfrank\AppData\Roaming\Malwarebytes
[2010/03/11 14:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/11 14:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/11 11:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/03/11 11:27:51 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\howfrank\Desktop\ATF-Cleaner.exe
[2010/03/11 06:55:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/03/11 06:55:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/03/04 17:01:01 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/03/04 17:01:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/03/04 17:01:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/02/26 11:29:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/26 11:26:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/26 11:20:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/26 11:20:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/26 11:20:04 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/26 11:20:04 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/26 11:20:04 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/26 11:20:04 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/26 11:20:03 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/26 11:20:03 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/26 11:20:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/06 14:18:00 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldoserv.dll
[2010/01/06 14:18:00 | 000,954,368 | ---- | C] ( ) -- C:\Windows\System32\dldousb1.dll
[2010/01/06 14:18:00 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dldopmui.dll
[2010/01/06 14:18:00 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldolmpm.dll
[2010/01/06 14:18:00 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\dldohcp.dll
[2010/01/06 14:18:00 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\dldoinpa.dll
[2010/01/06 14:18:00 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldoiesc.dll
[2010/01/06 14:18:00 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldoprox.dll
[2010/01/06 14:17:59 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldocomc.dll
[2010/01/06 14:17:59 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldohbn3.dll
[2010/01/06 14:17:59 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldocomm.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/24 17:49:07 | 001,572,864 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat
[2010/03/24 17:48:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\howfrank\Desktop\OTL.exe
[2010/03/24 17:27:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/24 17:27:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/24 17:27:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/24 17:27:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/24 15:46:08 | 000,524,288 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TMContainer00000000000000000001.regtrans-ms
[2010/03/24 15:46:08 | 000,065,536 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TM.blf
[2010/03/24 00:28:21 | 000,014,848 | ---- | M] () -- C:\Users\howfrank\Desktop\2010 Salvation Army Donations.wps
[2010/03/24 00:28:21 | 000,000,434 | ---- | M] () -- C:\Users\howfrank\AppData\Roaming\wklnhst.dat
[2010/03/22 14:54:28 | 003,501,936 | -H-- | M] () -- C:\Users\howfrank\AppData\Local\IconCache.db
[2010/03/22 09:02:00 | 000,000,206 | ---- | M] () -- C:\Users\howfrank\Desktop\Kennedy Krieger Institute Nursing Department.url
[2010/03/18 18:10:04 | 000,769,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/18 18:10:04 | 000,653,380 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/18 18:10:04 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/16 09:47:43 | 000,001,845 | ---- | M] () -- C:\Users\howfrank\Desktop\HijackThis.lnk
[2010/03/15 05:05:05 | 000,002,838 | ---- | M] () -- C:\Windows\machine.ver
[2010/03/15 05:04:26 | 000,000,067 | ---- | M] () -- C:\Windows\swupdate.INI
[2010/03/14 10:50:24 | 000,016,066 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/03/13 14:33:43 | 000,000,201 | ---- | M] () -- C:\Users\howfrank\Desktop\F-Secure Health Check.url
[2010/03/13 13:42:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/13 13:11:33 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/13 12:59:52 | 000,001,615 | ---- | M] () -- C:\Users\howfrank\Desktop\mvps.bat
[2010/03/13 11:17:26 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/11 11:27:54 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\howfrank\Desktop\ATF-Cleaner.exe
[2010/02/26 11:41:00 | 000,083,288 | ---- | M] () -- C:\Users\howfrank\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/26 11:39:48 | 000,326,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/22 13:26:12 | 000,014,848 | ---- | C] () -- C:\Users\howfrank\Desktop\2010 Salvation Army Donations.wps
[2010/03/16 09:47:43 | 000,001,845 | ---- | C] () -- C:\Users\howfrank\Desktop\HijackThis.lnk
[2010/03/15 05:04:22 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2010/03/13 14:33:43 | 000,000,201 | ---- | C] () -- C:\Users\howfrank\Desktop\F-Secure Health Check.url
[2010/03/13 11:17:26 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/06 14:25:53 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDOPMON.DLL
[2010/01/06 14:25:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDOFXPU.DLL
[2010/01/06 14:25:33 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldooem.dll
[2010/01/06 14:25:33 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDOPMRC.DLL
[2010/01/06 14:18:00 | 000,503,808 | ---- | C] () -- C:\Windows\System32\dldoutil.dll
[2010/01/06 14:18:00 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldoinst.dll
[2010/01/06 14:18:00 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoinsb.dll
[2010/01/06 14:18:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldojswr.dll
[2010/01/06 14:17:59 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldogrd.dll
[2010/01/06 14:17:59 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoins.dll
[2010/01/06 14:17:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldoinsr.dll
[2010/01/06 14:17:59 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldocub.dll
[2010/01/06 14:17:59 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldocu.dll
[2010/01/06 14:17:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldocur.dll
[2010/01/06 14:17:58 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldocfg.dll
[2009/09/26 09:21:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/13 18:05:39 | 000,000,434 | ---- | C] () -- C:\Users\howfrank\AppData\Roaming\wklnhst.dat
[2008/06/18 13:51:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2008/02/16 21:23:41 | 000,000,262 | ---- | C] () -- C:\Users\howfrank\AppData\Roaming\WinssCookie.txt
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/09/06 17:40:36 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldodrs.dll
[2007/08/31 15:51:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldocaps.dll
[2007/08/03 14:08:52 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldocoin.dll
[2007/07/09 18:57:17 | 000,024,576 | ---- | C] () -- C:\Users\howfrank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/14 17:45:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldocnv4.dll
[2007/01/05 19:35:18 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/01/05 19:16:26 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000002.regtrans-ms
[2007/01/05 19:16:26 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000001.regtrans-ms
[2007/01/05 19:16:26 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TM.blf
[2007/01/05 19:16:25 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000002.regtrans-ms
[2007/01/05 19:16:25 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000001.regtrans-ms
[2007/01/05 19:16:25 | 000,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2007/01/05 19:16:25 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TM.blf
[2007/01/05 19:16:25 | 000,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2007/01/05 19:16:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2007/01/05 18:59:02 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/01/05 18:59:02 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/01/05 18:59:02 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/01/05 18:59:02 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/01/05 18:59:02 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/01/05 18:59:02 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/01/05 18:35:11 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/01/05 18:35:11 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/01/05 18:35:11 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/01/05 18:35:11 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/11/29 01:12:18 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll
[2006/11/24 11:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 21:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/08/10 19:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2006/08/01 02:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldovs.dll
[2006/03/09 13:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 18:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/23 01:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
< End of report >
[2010/03/24 17:57:02 | 001,572,864 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat
[2010/03/24 17:48:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\howfrank\Desktop\OTL.exe
[2010/03/24 17:27:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/24 17:27:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/24 15:46:08 | 000,524,288 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TMContainer00000000000000000001.regtrans-ms
[2010/03/24 15:46:08 | 000,065,536 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TM.blf
[2010/03/24 00:28:21 | 000,014,848 | ---- | M] () -- C:\Users\howfrank\Desktop\2010 Salvation Army Donations.wps
[2010/03/24 00:28:21 | 000,000,434 | ---- | M] () -- C:\Users\howfrank\AppData\Roaming\wklnhst.dat
[2010/03/22 14:54:28 | 003,501,936 | -H-- | M] () -- C:\Users\howfrank\AppData\Local\IconCache.db
[2010/03/22 09:02:00 | 000,000,206 | ---- | M] () -- C:\Users\howfrank\Desktop\Kennedy Krieger Institute Nursing Department.url
[2010/03/18 18:10:04 | 000,769,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/18 18:10:04 | 000,653,380 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/18 18:10:04 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/16 09:47:43 | 000,001,845 | ---- | M] () -- C:\Users\howfrank\Desktop\HijackThis.lnk
[2010/03/15 05:05:05 | 000,002,838 | ---- | M] () -- C:\Windows\machine.ver
[2010/03/15 05:04:26 | 000,000,067 | ---- | M] () -- C:\Windows\swupdate.INI
[2010/03/14 10:50:24 | 000,016,066 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/03/13 14:33:43 | 000,000,201 | ---- | M] () -- C:\Users\howfrank\Desktop\F-Secure Health Check.url
[2010/03/13 13:42:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/13 12:59:52 | 000,001,615 | ---- | M] () -- C:\Users\howfrank\Desktop\mvps.bat
[2010/03/13 11:17:26 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/11 11:27:54 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\howfrank\Desktop\ATF-Cleaner.exe
[2010/02/26 11:41:00 | 000,083,288 | ---- | M] () -- C:\Users\howfrank\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/26 11:39:48 | 000,326,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< End of report >
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (dldoCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe ()
SRV - (dldo_device) -- C:\Windows\System32\dldocoms.exe ( )
SRV - (Pantech Utility Service) -- C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe (Sprint Spectrum, L.L.C)
SRV - (Swupdtmr) -- c:\Toshiba\IVP\swupdate\swupdtmr.exe ()
SRV - (pinger) -- C:\Toshiba\IVP\ISM\pinger.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (TosCoSrv) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (PTDCVsp) PANTECH PC Card Diagnostic Serial Port (UDP) -- C:\Windows\System32\drivers\PTDCVsp.sys (DEVGURU Co,LTD.)
DRV - (PTDCMdm) PANTECH PC Card Drivers (UDP) -- C:\Windows\System32\drivers\PTDCMdm.sys (DEVGURU Co,LTD.)
DRV - (PTDCBus) PANTECH PC Card Composite Device Driver (UDP) -- C:\Windows\System32\drivers\PTDCBus.sys (DEVGURU Co,LTD.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (KR3NPXP) -- C:\Windows\system32\drivers\kr3npxp.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/index.php?lh=ad ... f9020becd&
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2070189127-2915973664-339440138-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell 968 AIO Printer Fax Server] C:\Program Files\Dell 968 AIO Printer\fm3032.exe ()
O4 - HKLM..\Run: [dldomon.exe] C:\Program Files\Dell 968 AIO Printer\dldomon.exe ()
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\Toshiba\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell 968 AIO Printer\memcard.exe ()
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PINGER] C:\TOSHIBA\IVP\ISM\pinger.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2070189127-2915973664-339440138-1000..\Run: [TOSCDSPD] File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 1.66.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/24 17:48:16 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\howfrank\Desktop\OTL.exe
[2010/03/14 10:57:18 | 000,059,392 | ---- | C] (Realtek Corporation) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010/03/14 10:39:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/03/13 21:58:39 | 000,000,000 | ---D | C] -- C:\inetpub
[2010/03/13 13:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/13 13:43:00 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/13 13:43:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/13 13:43:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/13 13:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/13 13:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/13 13:16:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/13 13:12:18 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/13 11:17:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/13 11:17:19 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/11 14:34:38 | 000,000,000 | ---D | C] -- C:\Users\howfrank\AppData\Roaming\Malwarebytes
[2010/03/11 14:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/11 14:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/11 11:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/03/11 11:27:51 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\howfrank\Desktop\ATF-Cleaner.exe
[2010/03/11 06:55:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/03/11 06:55:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/03/04 17:01:01 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/03/04 17:01:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/03/04 17:01:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/02/26 11:29:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/02/26 11:26:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/26 11:20:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/26 11:20:06 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/26 11:20:04 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/26 11:20:04 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/26 11:20:04 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/26 11:20:04 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/26 11:20:03 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/26 11:20:03 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/26 11:20:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/06 14:18:00 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldoserv.dll
[2010/01/06 14:18:00 | 000,954,368 | ---- | C] ( ) -- C:\Windows\System32\dldousb1.dll
[2010/01/06 14:18:00 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dldopmui.dll
[2010/01/06 14:18:00 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\dldolmpm.dll
[2010/01/06 14:18:00 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\dldohcp.dll
[2010/01/06 14:18:00 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\dldoinpa.dll
[2010/01/06 14:18:00 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldoiesc.dll
[2010/01/06 14:18:00 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\dldoprox.dll
[2010/01/06 14:17:59 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldocomc.dll
[2010/01/06 14:17:59 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\dldohbn3.dll
[2010/01/06 14:17:59 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldocomm.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/24 17:59:04 | 001,572,864 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat
[2010/03/24 17:48:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\howfrank\Desktop\OTL.exe
[2010/03/24 17:27:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/24 17:27:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/24 17:27:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/24 17:27:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/24 15:46:08 | 000,524,288 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TMContainer00000000000000000001.regtrans-ms
[2010/03/24 15:46:08 | 000,065,536 | -HS- | M] () -- C:\Users\howfrank\ntuser.dat{77c4447f-6621-11dd-9558-a12f6f622c63}.TM.blf
[2010/03/24 00:28:21 | 000,014,848 | ---- | M] () -- C:\Users\howfrank\Desktop\2010 Salvation Army Donations.wps
[2010/03/24 00:28:21 | 000,000,434 | ---- | M] () -- C:\Users\howfrank\AppData\Roaming\wklnhst.dat
[2010/03/22 14:54:28 | 003,501,936 | -H-- | M] () -- C:\Users\howfrank\AppData\Local\IconCache.db
[2010/03/22 09:02:00 | 000,000,206 | ---- | M] () -- C:\Users\howfrank\Desktop\Kennedy Krieger Institute Nursing Department.url
[2010/03/18 18:10:04 | 000,769,778 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/18 18:10:04 | 000,653,380 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/18 18:10:04 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/16 09:47:43 | 000,001,845 | ---- | M] () -- C:\Users\howfrank\Desktop\HijackThis.lnk
[2010/03/15 05:05:05 | 000,002,838 | ---- | M] () -- C:\Windows\machine.ver
[2010/03/15 05:04:26 | 000,000,067 | ---- | M] () -- C:\Windows\swupdate.INI
[2010/03/14 10:50:24 | 000,016,066 | ---- | M] () -- C:\Windows\System32\results.xml
[2010/03/13 14:33:43 | 000,000,201 | ---- | M] () -- C:\Users\howfrank\Desktop\F-Secure Health Check.url
[2010/03/13 13:42:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/13 13:42:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/13 13:11:33 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/13 12:59:52 | 000,001,615 | ---- | M] () -- C:\Users\howfrank\Desktop\mvps.bat
[2010/03/13 11:17:26 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/11 11:27:54 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\howfrank\Desktop\ATF-Cleaner.exe
[2010/02/26 11:41:00 | 000,083,288 | ---- | M] () -- C:\Users\howfrank\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/26 11:39:48 | 000,326,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/22 13:26:12 | 000,014,848 | ---- | C] () -- C:\Users\howfrank\Desktop\2010 Salvation Army Donations.wps
[2010/03/16 09:47:43 | 000,001,845 | ---- | C] () -- C:\Users\howfrank\Desktop\HijackThis.lnk
[2010/03/15 05:04:22 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2010/03/13 14:33:43 | 000,000,201 | ---- | C] () -- C:\Users\howfrank\Desktop\F-Secure Health Check.url
[2010/03/13 11:17:26 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/06 14:25:53 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLDOPMON.DLL
[2010/01/06 14:25:53 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLDOFXPU.DLL
[2010/01/06 14:25:33 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dldooem.dll
[2010/01/06 14:25:33 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DLDOPMRC.DLL
[2010/01/06 14:18:00 | 000,503,808 | ---- | C] () -- C:\Windows\System32\dldoutil.dll
[2010/01/06 14:18:00 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldoinst.dll
[2010/01/06 14:18:00 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoinsb.dll
[2010/01/06 14:18:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\dldojswr.dll
[2010/01/06 14:17:59 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldogrd.dll
[2010/01/06 14:17:59 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldoins.dll
[2010/01/06 14:17:59 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldoinsr.dll
[2010/01/06 14:17:59 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldocub.dll
[2010/01/06 14:17:59 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldocu.dll
[2010/01/06 14:17:59 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldocur.dll
[2010/01/06 14:17:58 | 000,077,906 | ---- | C] () -- C:\Windows\System32\dldocfg.dll
[2009/09/26 09:21:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/13 18:05:39 | 000,000,434 | ---- | C] () -- C:\Users\howfrank\AppData\Roaming\wklnhst.dat
[2008/06/18 13:51:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2008/02/16 21:23:41 | 000,000,262 | ---- | C] () -- C:\Users\howfrank\AppData\Roaming\WinssCookie.txt
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/09/06 17:40:36 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dldodrs.dll
[2007/08/31 15:51:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dldocaps.dll
[2007/08/03 14:08:52 | 000,348,160 | ---- | C] () -- C:\Windows\System32\dldocoin.dll
[2007/07/09 18:57:17 | 000,024,576 | ---- | C] () -- C:\Users\howfrank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/14 17:45:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dldocnv4.dll
[2007/01/05 19:35:18 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/01/05 19:16:26 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000002.regtrans-ms
[2007/01/05 19:16:26 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000001.regtrans-ms
[2007/01/05 19:16:26 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af65-9d0b-11db-8678-0016d42a45f8}.TM.blf
[2007/01/05 19:16:25 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000002.regtrans-ms
[2007/01/05 19:16:25 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TMContainer00000000000000000001.regtrans-ms
[2007/01/05 19:16:25 | 000,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2007/01/05 19:16:25 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{0dd9af55-9d0b-11db-8678-0016d42a45f8}.TM.blf
[2007/01/05 19:16:25 | 000,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2007/01/05 19:16:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2007/01/05 18:59:02 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/01/05 18:59:02 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/01/05 18:59:02 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/01/05 18:59:02 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/01/05 18:59:02 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/01/05 18:59:02 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/01/05 18:35:11 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/01/05 18:35:11 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/01/05 18:35:11 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/01/05 18:35:11 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2006/11/29 01:12:18 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll
[2006/11/24 11:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 21:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/08/10 19:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2006/08/01 02:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dldovs.dll
[2006/03/09 13:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 18:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/23 01:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

< End of report >
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 24th, 2010, 7:12 pm

Hi briolette,

I have successfully run the OTL scan, but GMER will not run


Please run this alternative antirootkit scan.

Rootkit Revealer

Please download Rootkit Revealer from Sysinternals and save it to your desktop.

  • Right click on RootkitRevealer.zip and select Extract All....
  • Click Next on seeing the Welcome screen.
  • You will see a screen asking you to select where you want the files to be extracted to. By default, this will be desktop.
  • Click Next again.
  • Check (tick) Show extracted files box and click Finish.
  • Double click on RootkitRevealer.exe to run it.
  • A license agreement will be shown to you. Read through it and click on Agree.
  • Click on Scan at the bottom right hand corner.
  • When the scan is done, Rootkit Revealer will say Scan complete: X discrepancies found (X are numbers; message at the bottom left hand corner).
  • Click on File > Save.
  • By default, it would save to C:\Windows\System32 folder.
  • Click on Desktop on the left, then click on the Save button.
  • A RootkitRevealer.txt will be on your desktop.
  • Open it, select all the contents, copy and paste the contents in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 24th, 2010, 8:38 pm

I'm sorry, deltalima...RootkitRevealer won't run either. Error message reads:

Unable to install RootkitRevealer service: the service did not respond to the start or control request in a timely fashion.
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 25th, 2010, 6:42 am

Hi briolette,

RootkitRevealer won't run either


No problem, let's use this one.

Rooter

Please download Rooter.exe... Copyrighted © by... Eric_71. Save it to your desktop.

  • Right click on Rooter.exe icon on your desktop & select Run as Administrator
    If you recieve the "Open File" security warning, press Run. The Rooter interface will appear, with a variety of options displayed.
  • To run the Scan... press the Scan...button.
  • Notepad will open with a file created called "Rooter#.txt" ... located at %systemdrive%\Rooter$\Rooter#.txt. (# is the number assigned to the report)
    The location of the report file is shown in the bottom display window.
  • Press the Close button, to close the Rooter window.
Please copy and paste the contents of Rooter#.txt in you next reply.


Optional Fix

I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player’s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.
To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything bad. This may change,read Viewpoint to Plunge Into Adware.

I recommend that you remove the Viewpoint products; however, decide for yourself.

To uninstall the the Viewpoint components :
  1. Click Start, point to Settings, and then click Control Panel.
  2. In Control Panel, double-click Add or Remove Programs.
  3. In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.

Run OTL Script

  • Right click OTL.exe & select Run as Administrator to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :otl
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    :commands
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply along with the log from Rooter.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 25th, 2010, 12:19 pm

deltalima...I am having a dickens of a time with some of these programs - I do apologize. Thus far, I have uninstalled Viewpoint through Add/Remove Programs; however, the code that you've supplied for OTL to fix simply will not run. My first half a dozen tries or so, the program would indicate, Not Responding, and the computer would completely freeze. Consequently, operating with very little know-how on how to approach this, I added OTL to Windows firewall listing, with no success. Then, I completely disabled Windows firewall, again with no success. It just seems to refuse to allow any changes to the registry. I am at a complete loss.

All I have managed thus far is the following log from Rooter.exe. Again, my apologies:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6002) Service Pack 2
[32_bits] - x86 Family 6 Model 14 Stepping 12, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 8.0.6001.18882
.
C:\ [Fixed-NTFS] .. ( Total:104 Go - Free:66 Go )
D:\ [CD_Rom]
.
Scan : 10:45.52
Path : C:\Users\howfrank\Desktop\Rooter.exe
User : howfrank ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (488)
______ C:\Windows\system32\csrss.exe (624)
______ C:\Windows\system32\csrss.exe (668)
______ C:\Windows\system32\wininit.exe (676)
______ C:\Windows\system32\services.exe (712)
______ C:\Windows\system32\lsass.exe (728)
______ C:\Windows\system32\lsm.exe (736)
______ C:\Windows\system32\winlogon.exe (812)
______ C:\Windows\system32\svchost.exe (924)
______ C:\Windows\system32\svchost.exe (1004)
______ C:\Windows\System32\svchost.exe (1044)
______ C:\Windows\System32\svchost.exe (1132)
______ C:\Windows\System32\svchost.exe (1164)
______ C:\Windows\system32\svchost.exe (1196)
Locked audiodg.exe (1304)
______ C:\Windows\system32\svchost.exe (1324)
______ C:\Windows\system32\SLsvc.exe (1344)
______ C:\Windows\system32\svchost.exe (1396)
______ C:\Windows\system32\svchost.exe (1512)
______ C:\Windows\System32\spoolsv.exe (1728)
______ C:\Program Files\Avira\AntiVir Desktop\sched.exe (1752)
______ C:\Windows\system32\svchost.exe (1764)
______ C:\Windows\system32\agrsmsvc.exe (1992)
______ C:\Program Files\Avira\AntiVir Desktop\avguard.exe (2004)
______ C:\Windows\system32\svchost.exe (2024)
______ C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (2036)
______ C:\Windows\system32\dldocoms.exe (508)
______ C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (628)
______ C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe (1500)
______ C:\Toshiba\IVP\ISM\pinger.exe (1628)
______ C:\Windows\system32\svchost.exe (1824)
______ C:\Windows\system32\svchost.exe (188)
______ c:\Toshiba\IVP\swupdate\swupdtmr.exe (496)
______ C:\Windows\system32\TODDSrv.exe (2092)
______ C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (2120)
______ C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (2148)
______ C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (2236)
______ C:\Program Files\Viewpoint\Common\ViewpointService.exe (2252)
______ C:\Windows\system32\svchost.exe (2288)
______ C:\Windows\System32\svchost.exe (2300)
______ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2328)
______ C:\Windows\system32\SearchIndexer.exe (2420)
______ C:\Windows\system32\taskeng.exe (2684)
______ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2708)
______ C:\Windows\system32\taskeng.exe (3188)
______ C:\Windows\system32\Dwm.exe (3208)
______ C:\Windows\Explorer.EXE (3260)
______ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3388)
______ C:\Program Files\Windows Defender\MSASCui.exe (3396)
______ C:\Windows\RtHDVCpl.exe (3404)
______ C:\Program Files\ltmoh\ltmoh.exe (3416)
______ C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (3432)
______ C:\Program Files\Toshiba\SmoothView\SmoothView.exe (3452)
______ C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (3464)
______ C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (3476)
______ C:\Program Files\Synaptics\SynTP\SynToshiba.exe (3660)
______ C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (3720)
______ C:\Program Files\Dell 968 AIO Printer\dldomon.exe (3728)
______ C:\Program Files\Dell 968 AIO Printer\memcard.exe (3736)
______ C:\Windows\System32\hkcmd.exe (3764)
______ C:\Windows\System32\igfxpers.exe (3772)
______ C:\Program Files\Toshiba\Utilities\KeNotify.exe (3968)
______ C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (3988)
______ C:\Windows\ehome\ehtray.exe (3996)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (4008)
______ C:\Windows\system32\igfxsrvc.exe (4088)
______ C:\Windows\system32\wbem\unsecapp.exe (2484)
______ C:\Windows\system32\wbem\wmiprvse.exe (1448)
______ C:\Program Files\Windows Media Player\wmpnetwk.exe (3572)
______ C:\Windows\ehome\ehmsas.exe (1088)
______ C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe (1104)
______ C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (4260)
______ C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4476)
______ C:\Windows\system32\SearchProtocolHost.exe (5136)
______ C:\Windows\system32\SearchFilterHost.exe (3784)
______ C:\Users\howfrank\Desktop\Rooter.exe (5788)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:1048576 | Length:1572864000)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:1573912576 | Length:112068657152)
\Device\Harddisk0\Partition3 (Start_Offset:113642569728 | Length:6391070720)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 10:45.59
.
C:\Rooter$\Rooter_1.txt - (25/03/2010 | 10:45.59)
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 25th, 2010, 3:25 pm

Hi briolette,

I am having a dickens of a time with some of these programs


Not to worry, there are problems with your computer and we will find ways around them.

I added OTL to Windows firewall listing, with no success. Then, I completely disabled Windows firewall, again with no success.


No need to alter the firewall, please return the settings to how they were.

It just seems to refuse to allow any changes to the registry


The problems do all point to a damaged registry although still not positively a malware issue.

Have you ever run any Registry tweak or optimise or speed up type tools on this computer ?

Run HijackThis
Right click on HijackThis & select Run as Administrator
Select Scan. Check the boxes next to all the entries listed below (if present):

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

Now close all other open windows and then click on Fix Checked. Close HijackThis.

ESET online scannner

  • Please go Here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 25th, 2010, 7:40 pm

Yes, deltalima, some self-help website that I frequented before coming here was touting a registry cleaner that I believe I used once on this computer sometime last year. It wasn't long afterwards that I found myself here where I was warned that such software is unsafe and ill-advised. I promptly refrained from using it, or any other, for that matter, & uninstalled it via Add/Remove Programs. However, there is still evidence of a back-up file from that program in the root directory (Eusing Registry Cleaner).

I ran the ESET Scanner but the only log.txt file that it produced is as follows. Should I run it again?

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby deltalima » March 26th, 2010, 7:44 am

Hi briolette,

I ran the ESET Scanner but the only log.txt file that it produced is as follows. Should I run it again?


Yes, please run the scan again.


Create a batch file
  1. Open Notepad.
  2. Copy/paste the following text into the empty Notepad window.
    Code: Select all
    @echo off
    cmd /c chkdsk c: |find /v "percent" >> checkhd.txt
    start notepad checkhd.txt
    Del %0
    
  3. Save the file as xxx.bat on your desktop. Save it with the file type... all types *.*.
  4. Right click the file xxx.bat & select Run as Administrator

results.txt should open in Notepad automatically when the script has complete, post the contents of this file in your next response.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: OS Frequently Crashes, Not Recognizing Driver Updates

Unread postby briolette » March 26th, 2010, 9:01 am

Hi, deltalima...I am about to start ESET again, but I am posting the CHKDSK log ahead of it, because ESET took approximately 8 hrs to complete yesterday. By the time it was done, it was the wee hours of the morning in the UK. Today, I will disable my virusware, which I neglected to do the first time, in hopes that it'll run a little faster.

CHKDSK Log:

The type of the file system is NTFS.
Volume label is SQ004372V01.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
627 large file records processed.

0 bad file records processed.

0 EA records processed.

44 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files processed.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
20527 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.

109442047 KB total disk space.
25196268 KB in 97810 files.
61496 KB in 20528 indexes.
0 KB in bad sectors.
233727 KB in use by the system.
65536 KB occupied by the log file.
83950556 KB available on disk.

4096 bytes in each allocation unit.
27360511 total allocation units on disk.
20987639 allocation units available on disk.
briolette
Regular Member
 
Posts: 81
Joined: January 8th, 2009, 11:18 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 54 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware